Blog

How to Spot Malicious Apps

A malicious app is created specifically with the intention to cause harm.

They’re usually designed to appear as innocent apps, or even clones of official apps, to steal sensitive information.

For example, a malicious developer could design a storage cleaner app to steal files and data from the users that install it on their devices. Or, clone a familiar banking app to take your account details.

What Makes an App Malicious?

There are plenty of applications that exist that could be vulnerable to hacking but overall have no sinister intentions.

For example, any app that collects location data could be intercepted by a hacker looking to steal that information. These appear as riskier apps but aren’t developed to cause deliberate harm.

Malicious apps, on the other hand, exist primarily to either steal information from the user who installs it or to manipulate the device it’s installed on.

Malicious Behavior to Look Out For

Developers have smart ways to make malicious apps appear genuine, so it’s vital you understand how to spot a malicious app before downloading it to your device.

Avoid third-party APK files

The Apple and Google official app stores protect you and your data from harm by verifying that the apps they offer are safe. Third-party sites offering APK files to download do not offer protection and pose a significant security threat.

Apple verifies all apps in the store. On Android, look for the ‘Verified by Play Protect’ message when installing an app.

App Store Reviews and Strange App Descriptions

A legit app has lots of genuine reviews and ratings left by users. They also have descriptive information about how the app works.

If you come across an app that has almost no reviews, or the reviews appear to be copied and pasted, this could be a warning sign.

Similarly, if there’s no app description or the information is vague with lots of grammatical errors, chances are the app could be malicious.

Check for higher-than-usual data usage

Malicious apps often use your data to perform sketchy tasks in the background without your knowledge.

Check your monthly data usage in your settings, or install a dedicated data monitor like GlassWire.

If something doesn’t seem right, and the problematic app appears to be using far more data than it should be, uninstall it immediately.

Common Mobile Vulnerabilities

Mobile devices can be susceptible to malicious apps or other kinds of security threats because they have certain vulnerabilities that hackers exploit.

Data Leaks

When you install an app, how often do you check what permissions you’re allowing?

Apps often collect sensitive data and we don’t read the fine print to see what this is. You could potentially be handing over a lot of your personal information without realizing it.

Open Wifi

Open wifi spots—ones you can connect to without a password—can be convenient in a pinch.

However, they pose a massive risk.

When your device is connected, hackers can easily intercept the data you’re sending and receiving and even access your device.

Old or Out-of-Date Device

Did you know that mobile devices only receive software and security updates for a certain number of years?

After that, the device becomes a huge target for hackers.

As newer models come out, developers stop providing support for the older devices. This leaves big gaps in security which can be exploited.

Poor Password Protection

Kaspersky Labs found that over half of consumers don’t password-protect their mobile devices. Are you one of them?

Leaving your mobile device easy to access poses a threat to your personal data if the phone is lost or stolen.

Avoiding Malicious Apps with a Personal Firewall

Choosing a personal firewall proactively protects your devices in several ways.

A quality personal firewall can:

  • Monitor network traffic for threats by inspecting packets of data received
  • Defend against viruses by identifying thousands of new types every week
  • Prevent hackers from accessing your data through anti-fraud and anti-phishing methods
  • Adds a layer of privacy to your data by encrypting files, protecting location info, and preventing unwanted microphone access

In Summary

Malicious apps are out to steal your data.

Protect your devices with firewalls, data monitors, and strong passwords. Avoid open wifi networks and third-party app websites.

Take care in only installing trusted apps from official app stores and if something feels off about an app you’ve installed, like higher data usage or strange permissions, uninstall the app immediately to keep yourself safe from attack.

Blog

News and Interests annoyance

by Chris Taylor

About Chris Taylor:  Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at the Ottawa Public Library, and is President of the Ottawa PC Users’ Group.

In May of 2021, Microsoft imposed foisted released News and interests—a

tray icon app that can provide information. I like that it provides local weather information at a glance.

What I definitely do not like is that a huge window pops up if my mouse just happens to pass over the News and interests tray icon.

 Fortunately, there is a simple fix.

Right-click a blank area of the Taskbar (1) and select News and Interests (2) in the pop-up menu. You can turn off News and interests completely by clicking Turn off (3). Or click Open on hover (4) to remove the check mark for that option.

News and interests will no longer open a big box when your mouse passes over its icon. You can still access the full News and Interests: you just have to click the icon.