For a large part of the Earth's population, 2011 is the year of the Rabbit (Chinese new year started on February 3rd). For Apple fans, 2011 will most likely be the year of Lion. But for all mobile device users, 2011 will definitely be the year of mobile malware.
While mobile phones have been used for many years without any major security or infection issues, the advent of Android devices based on an open platform has vastly changed the situation.
Users have been protected to this point because they could only download apps from secure sources like the Apple iTunes store. But with Android, anyone can now write and publish an app from third-party web sites, which makes the platform an ideal target for cyber criminals.
This means Android users may be at greater risk than owners of other mobile devices in terms of downloading malicious apps - not only because of Android's more relaxed vetting process, but because 100 million Android users represents a huge and irresistible target for cyber criminals.
"The same web browser that they use to check balances on their bank accounts, or pay $2 for a song, can also display infected web pages. Users are enthusiastically installing new applications without properly checking where they come from and what they do."
How to Stay Safe
It's now more important than ever to pay careful attention to the security implications of what you do with your mobile devices. AVG (AU/NZ)'s top tips on how to stay safe are:
- The first thing you can do is to think of your mobile device not as a phone but as a computer - for that is what it is. Be just as wary about phishing attempts made via mobile email or text as you would on your computer.
- Pin number/password protect your smartphone/tablet so no-one else can access it.
- Back up the information on it regularly so if you lose the device, you can restore the data to your next one.
- Do not root or jailbreak your mobile device to get around limitations set by your carrier or device manufacturer. Doing so will also remove any protections built into the device in order to defend against a number of mobile threats.
- Be careful of everything you download onto your smartphone, especially applications. Only use reputable application markets. Look at the developer's name, check out reviews and star ratings. Do you still trust it? If you want Angry Birds, then download Angry Birds - not Angry Biiirds, or some other slightly altered name. Usually you can also tell legitimate and fraudulent apps apart by their file images. Always check the permissions an application requests. Use common sense to ensure that the permissions the application requests match the features the application provides.
- Be on the lookout for strange behaviours on your smartphone, or strange entries on your phone bill. Be wary if you find applications being installed without your knowledge, plus SMS messages or phone calls happening without you initiating them. These could be signs that your phone is infected.
- Don't bank, shop or access sensitive sites from a public hotspot unless you know it is secure. Disable Wi-Fi auto-connect to prevent connecting to a malicious host. When you are ready to connect, look around for public displays that will tell you which legitimate host to connect to. Avoid unknown sites when using your mobile browser, and don't click on links before authenticating the sender.
- You have security software on your computer, right? So why not download anti-malware protection for your phone, tablet, e-reader etc. Solutions like AVG ANTIVIRUSFree or ANTIVIRUSPro for Android will scan the device, identify and remove malware, plus check applications for malware before downloading from application stores.
Borrett's strong advice is: "People must get into the mindset of seeing their Android devices as a PC in their pocket and to be very conscious of security. Whole lives are now kept on mobile devices - contacts, photos, data - all crucial, personal information on a compact device which is so easy to access or lose."
Keep in touch with AVG (AU/NZ)