Do adverts pop up on your Android phone at almost every opportunity? Do you have security apps installed? Perhaps there is a link between them! Some apps are fake and exist just to blast you with ads.
It is ironic that apps you install on your Android phone to protect you from malware and adware are actually malware and adware themselves. Not all of them mind you, but certainly some of them and you must be careful what you install on your phone, even from the Google Play Store.
TrendLabs discovered 36 apps in the Google Play Store that claimed to offer security for your device, but in fact offered a bit more than that. They included adware and blasted you with adverts at every opportunity.
The malicious apps had names like Security Defender, Security Keeper, Smart Security, Advanced Boost and others. They claimed to scan, clean, lock apps, cool the CPU, save battery power, increase security and so on.
They show fake security messages to fool you into thinking they are doing a good job, but in reality they contain multiple triggers that show ads whenever they can.
What can you do to protect yourself against fake security apps like these?
TrendLabs notified Google and the apps have now been removed from the Google Play Store, so the immediate threat has gone. However, new apps could appear that work in a similar way.
There have been other incidences of malware in store apps and Check Point found malware hidden in 22 flashlight and utility apps. Among other things, these apps triggered ads that were irritating and got in the way of doing ordinary tasks like answering phone calls. The apps are now gone from the store, but no doubt malware authors are working on new ones that they will try to sneak into the store.
Add NordVPN to secure your Android phone (affiliate link)
How to protect against malware on Android
- Stick with the store: The vast majority of apps in the Google Play store are safe. Occasionally a few malicious ones slip through, but they are removed as soon as bad behaviour is detected. Alternative sources of Android apps contain a lot more malware and should be avoided. Go to Settings > Apps > Lock screen and security (it varies with Android versions) and turn off Unknown sources.
- Install well-known apps: Apps from well known developers are more likely to be safe than from unknown developers. For example, companies like Trend Micro, Avast, Bitdefender, AVG and several others are well known in the security industry and have an excellent reputation. Someone you have never heard of and who has never produced a security app before is not likely to be as good and it could be a fake app with malware.
- Don’t be the first: It is wise to be suspicious of new apps that have just appeared in the store and have had few downloads. Sooner or later bad apps are discovered and flagged in user reviews or even removed from the store. Wait untill an app has been around for some time and has a lot of downloads before you install it on your phone. This information can be seen on the app’s page in the Google Play Store.
- Enable Play Protect: The Google Play Store app has security features built in and they should be enabled, but it is essential that you check. Open the Store app, press the menu button, press Play Protect and scroll to the bottom. Turn on the two switches.
- Use built in security: It varies from phone to phone, but security may be built in. On a Samsung Galaxy S6/7/8 with Android 7 for example (and maybe others), go to Settings > Device maintenance > Device security. Scan the phone to check for malware.
- Use security software: If your phone does not have Play Protect or built in security you might want to install an app from a well known security company. If you do have both those features enabled, you have already have some protection and there is less need for third party software, but it can still help.
- Buy the best phone: Phone manufacturer’s focus most attention on their top of the range phones. These are frequently updated with the latest version of Android and the latest security and bug fixes. Budget phones rarely get updates and so you may be stuck with security flaws. Buy the best phone you can to ensure you get security updates.
- Uninstall unused apps: Any app you do not regularly use should be uninstalled. This not only frees memory, storage, CPU and battery, (it may be running in the background), it also removes the possibility of security issues.
- Check for updates: Make sure your phone has the latest security patches. Your phone should be set to check for updates automatically, but it is wise to check anyway. Go to Settings > About > System Update. On some phones it is Settings > Software Update.
By following these simple tips you will minimise the security problems with your Android phone. Although you may hear about a lot of security issues, many are theoretical and have been found by security researchers. They often are not found in the wild. As discussed above, sometimes malware does slip through into the store, so take care.
- Written by Roland Waddilove
- Created: 06 January 2018