Are the apps on your smartphone what they seem? Security firm McAfee warned this week that cybercriminals have disguised malicious software as real-looking banking apps.
Downloading such apps hands the “keys” to your bank account to criminals.
Other malicious apps can hand criminals total control of your phone - allowing them to run up huge bills, or even steal your identity.
Even apps on Google’s Play Store aren’t always safe - in just one “purge” earlier this year, Google removed 60,000 malicious apps.
Cybercriminals adapt their attacks constantly - but there are a few clear signs that warn that an app is bad news.
If you're worried, security firms such as AVG, Norton and ESET offer free scanner apps (search on Google Play) which will tell you if your phone is infected.
The app that suddenly becomes free
Many apps have a “Lite” version where you get some functions for free - but you should be cautious if the full version is offered free of charge. The predictive text keyboard app Swiftkey was offered “free” on pirate sites - but had a built-in keylogger which recorded users’ typing to steal their passwords and other private details.
The strangely familiar app
If you're looking for Bad Piggies, download Bad Piggies - don't download anything that's similar but not quite there (ie misspelt, or with one word changed slightly). Cybercriminals target hit apps with similar-looking fakes - and downloading them is bad news.
The five-star app with bad reviews
Don’t just go by star ratings - read the reviews. Cybercriminals posted a fake version of hit PC game FTL on Google’s Play Store earlier this year - and it garnered five-star ratings, because users were forced to rate the app before it would work. It didn’t work at all, of course - but the criminals earned a tidy sum before the app was pulled.
The app that arrives early
If you’re waiting for the release of a big game or app, and it pops up a week early, be very wary. Earlier this year, scammers released malicious software disguised as BBM - BlackBerry’s messaging software - for Android, on a rumoured launch date. BlackBerry had dismissed the rumour - but 100,000 victims downloaded the app.
The screensaver that needs to send SMS
When you’re installing any Android app, look carefully at the “permissions” it requires - a list of phone functions it needs to access. Dodgy apps will request access to large amounts of information – all your text messages, or all network communications. If an app is requesting this sort of stuff, and it’s just a screensaver, alarm clock or photo editor, don’t install.
Apps without star ratings are usually bad news - why hasn’t anyone reviewed them? When shopping for Android apps, you should think like you’re on eBay - ie has the developer done any other apps? Are there good ratings for them? What does their website look like?
The one from the “bargain” app store
Stores such as Google Play, Amazon’s App Store and GetJar DO sometimes have “bad” apps - but they remove bad apps when detected. Other sites don’t. Be particularly wary of any site offering “free” apps - or sites which review apps, and offer a link to download direct from the review.