The deep, dark fear of security-minded people was that smartphones would surpass PCs as the prime target for malware. The good news is this hasn't happened...yet. Apple's strict control over its store has kept out nearly all the overtly malicious apps, and the Google Play store has seen remarkably little malware despite the freedoms it allows.
Malware is a threat for mobile users, but if you stick to Google Play it's highly unlikely you'll encounter it. There are, however, other, more pressing concerns. Scammers and aggressive ad networks want access to your personal information, and mobile device theft is a burgeoning problem. Thankfully, Android security suites are already guarding against these threats, and are ready to defend you, should the mobile malware threat ever really take off.
Mobile Malware Protection Today App stores have benefited greatly from a digital security industry that was well established by the time smartphones arrived on the scene. Most have made the jump to mobile, and brought with them years of experience and advanced techniques. That's obvious when you consider that, according to the independent AV-Test lab, the average detection rate for Android security suites is 96 percent and several apps have detect 100 percent of the threats used in the study. I've written about mobile malware detection on SecurityWatch quite a bit, and the numbers keep getting higher, even as the tests include more and more samples.
The approaches to protecting against mobile malware vary depending on the developer. Bitdefender Mobile Security and Antivirus, our Editors' Choice for paid-subscription Android security apps, uses a targeted method: it only scans app files, scans every app when it is installed, and uses a cloud scanning technique that only works when an internet connection is available. On the other hand, our Editors' Choice for free Android security apps avast! Mobile Security & Antivirus can be configured to scan every single file on your device and even scan files every time they're accessed. Either one will protect you, but avast! is probably better for power users who side-load apps from weird markets, and Bitdefender better suited for the average user.
Pocket-sized Data Goldmines For scammers, the information inside your phone—your phone number, your contacts, the easy sharing to social network—is gold dust. With it, they can craft convincing phishing emails, send spam directly to your phone via SMS, spread spam to everyone in your address books, all in the hopes of making some money.
The ability to send texts is particularly attractive to scammers since they can easily monetize a so-called 'premium SMS message.' Remember those 'Text [number] to donate' things for charitable organizations? Like those, but evil, and with the scammer or an affiliate on the receiving end.
Many security apps will offer some form of phishing protection for mobile web browsers, generally by blocking known phishing URLs. Apps like TrustGo Antivirus and Mobile Security can extend their protection beyond the stock Android web browser and include Chrome, Dolphin, and other browsers as well.
A rare, but welcome feature amongst Android security apps is SMS protection. Kaspersky Mobile Security for Android lets you create white and black lists of numbers, and avast! will offer to block messages from any number not already in your address book.
Ad Networks and Permissions A sour truth for smartphone junkies is that advertising is a critical part of the app ecosystem. Yes, you don't like ads, but you probably really like getting games for free. In order to make money off free games, developers insert ad network code into their apps and get a cut from the network for pushing ads to you.
Ad networks are keen to get access to more of your information in order to better target ads and get more information about who sees their ads. Access to a phone number or device ID lets advertisers track your movements between apps, and build up complicated profiles. Less reputable ad networks may also try to access your address book in order to send ads to other people, or even change your ringtone to an advertisement. Some ad networks store your information in countries with hazy information protection laws, raising the possibility of your information being sold to third parties.
In SecurityWatch's weekly Mobile Threat Monday feature, we often see apps that are tied to suspicious ad networks or request many more permissions.
Many security apps now include privacy inspectors that report on what information apps can access. Lookout recently unveiled tighter definitions of malware and started flagging apps in Lookout Security & Antivirus Premium that aggressively harvest information or use unusual advertising techniques without your consent. Bitdefender recently unveiled a stand-alone app called Clueful Privacy Advisor, which can even tell you where your personal information is being sent.
Right now, the most privacy inspectors can do is assist you in comparison shopping. Because Android's approach to permissions is all or nothing, you either allow an app all the access it wants or you don't get the app. Privacy inspectors give you a birds'-eye view of where your information is going, letting you choose which apps to keep and which to ditch.
Loss and Theft Your smartphone itself represents a not-insignificant investment, and one that has increasingly become a target for thieves. Reports claim that 1.6 million Americans had their phone stolen in 2012, the problem apparently warranting a summit earlier this year.
More than your phone itself, the information inside needs safeguarding as well. Not necessarily for scams, but just peace of mind. Personally, the idea of someone using my phone to post things on Facebook or Twitter, rifle through my photos, or read my text messages makes me feel sick to my stomach.
To defend your phone, most security apps include a slate of anti-theft tools to keep you in charge of your phone no matter who possesses it. Once the app is installed on your device, you use a web portal to track your phone, keep people out using a device lock, set off an alarm, or send messages to whomever has the device. Security apps like Kaspersky even allow you take pictures of the phone's captor, and others like Bitdefender let you control your phone via special text messages.
To deal with worst case scenarios, most Android security apps will let you remotely trigger a factory refresh which erases all your data on board. If you've got sensitive information on your phone, it's a drastic but necessary step.
Choose Your Shield The freedom of the Android platform has opened the door for new threats, but also given security apps the latitude they need to protect your device. The result has been a surprisingly diverse ecosystem of free and paid apps to keep you safe(r).
Whatever you chose for your device, make sure it works for you. Learn how to use it, and be sure to test-drive the anti-theft features so you know how they work before you ever need to use them for real. Mobile security is only as good as the person using the phone, so choose wisely, and make it part of your life.
Tidak ada komentar:
Posting Komentar