How Safe are the Apps on my Smartphone?
mobilesecurity.com [London, UK] We’re installing more apps than ever on our smartphones, whether you have an iPhone or an Android handset, there’s a strong chance you’ve recently installed an app from a developer that you really don’t know too well.
How do you know whether the app you’re installing is secure, can you be certain it isn’t gathering personal information from your device and storing it – or even worse, selling it to the highest bidder?
Over the past decade we’ve seen cybercriminals increasing their efforts to harvest email addresses, so they can be sold on for profit. They employ various techniques to gather this information from us – creating fake web forms and driving victims to their site through the use of social engineering techniques.
Spammers purchase email lists from each other, and proceed to send unsolicited emails to thousands of recipients. Often these are intended to trick victims, in the hope that personal or financial information will be revealed. An acknowledgement of the email is sufficient for the recipient’s email address to be verified – and instantly it becomes more valuable to the hacker. A database of hundreds of thousands of verified email addresses can demand a significant sum when this information is sold on the underground forums frequented by hackers and cybercriminals.
The same theory applies to the mobile world. SMShing, as the technique has become known, is something that most smartphone owners will have encountered at least once. Receiving unsolicited text messages, that often include a Call-To-Action such as clicking on a web link or replying with ‘STOP’, yields astonishing results for those looking to harvest legitimate mobile phone numbers. The technique so closely mirrors the well-known ‘UNSUBSCRIBE’ request on unsolicited emails, it seems unlikely that savvy users will fall for this.
As smartphone users become more wary of responding to unsolicited text messages and emails, cybercriminals are deploying alternative methods of gathering their details. This is where new and unknown apps play a leading role in the mobile-focused hacker’s arsenal of techniques.
At www.mobilesecurity.com we’ve been keen to highlight how careful smartphone users should be when installing new apps. In fact, to help you understand what apps may be doing on your device – and with your data – we’ve created a number of widgets so that you’re able to check which data they can access, how likely they are to be taking a look at your personal information and which apps include mobile adware (madware) that may become a nuisance.
To further help you understand which apps should set alarm bells ringing – and which apps are safe – we’ve introduced the Security Score widget.
The Security Score widget allows smartphone and tablet users to check whether specific Android apps present any threat to their privacy or security. Try it out – type the first few characters of an Android app that is installed on your smartphone or tablet. You’ll then be presented with a security rating based on Norton™ Mobile Insight data.
We’ve analysed thousands of apps for malicious content, the permissions they’re requesting, and the reputation of the app developer. We’ve then taken all this information and created a score (up to 100 for ‘Excellent’ apps) to give you a clear idea of whether an app is safe to install, or whether you should reconsider installing it on your device. In addition to the Security Score, you’re also provided with the average security rating for the app's category, to allow a comparison to be made between the app and other similar apps – and a list of the permissions the app requires when you install.
Share the Security Score widget with friends on your social media sites, and encourage others to check their favorite apps before they install something they don’t know on their Android device.
Here is a short video tutorial on how to use the widget: