Google has made a lot of changes to Play Store policies since the start of the year. Most of the changes revolved around the app permissions, and were meant to make Android apps a lot safer to download and use on devices. It was also said that developers who didn’t comply with the changes would have their apps removed from the list of offerings.
Despite the initiative taken, Symantec recently discovered that in August, scammers managed to publish around 1,000 fraud apps on the Play Store, and even though most of them were quickly deleted by Google, the source reveals through estimation that they were downloaded over 10,000 times.
Among the fraudulent links included within the apps, there were several pointing to adult sites and webpages that ask for fees without actually signing up people for services.
All of the activity shows that despite efforts from Google and security companies, there are still scam apps that manage to get themselves on the list and into millions of devices, posing a great threat to the users in the form of malware, data theft, security breaches etc.
And apart from apps that look ‘suspicious’ by nature, some email clients that look official have also contributed to the security problems. F-Secure labs threat report reveals that an Android Trojan that goes by the name ‘Stels’ was disguised in emails that were themed on the Internal Revenue Service in U.S. (fake), and it was used to steal sensitive information from users using what hackers call ‘The Android Malware Kit’.
So the risks mean that users have to take additional steps to protect their devices, and more importantly, their privacy and financial information. The measures go beyond installing anti-malware apps that only offer a single protective shield against security breaches and attacks (leaving the back door and other sources open).
How to safeguard an Android device against fraudulent apps?
While there are a lot of ways to ensure device protection, the most effective ones include:
1. Install an elastic security software
An effective, elastic security approach against attacks goes beyond simple anti-malware app installation and includes cloud security software integration and other advanced measures. This type of software approach protects the data and privacy of the user through multiple layers to foresee any harmful threats without comprising the performance of the system agents.
A central security hub controls different devices and operating systems to prevent any threats that can steal valuable data of the user. And the elastic software also includes advanced integration of DLP (data loss prevention system) that integrates easily into the existing OS infrastructure.
2. Read app reviews
App reviews can give insight on how an app has been performing on the Play Store. However, it is better to read reviews on credible websites, instead of establishing an opinion about an app based on user reviews listed on the Play Store itself.
This is because scammers can easily tend to pay users (or their own community) to leave fake reviews about an app (and the profit they make through the scam will easily cover the costs).
3. Backup important data
Important data stored on the device should be backed up almost on a daily basis. Backing up manually can be inconvenient, so a backup app that stores the data to the external servers will be the preferred choice for most users.
The backup will ensure that the device can come back to its original state at any time.
What measures do you take to safeguard the device against fraudulent apps? Feel free to leave comments.