Smartphones and tablets are evolving from niche luxury devices to mainstream consumer gadgets. As mobile devices become a ubiquitous part of the mainstream culture, malware developers are paying attention and are anxious to exploit the fertile new territory.
Android is the low-hanging fruit because it combines the leading smartphone platform with an open ecosystem, and the ability to purchase apps from diverse, rogue app repositories. Other platforms seem inherently more secure, but are still not invulnerable. Despite the "walled garden" and strict curation of iOS apps, a security researcher recently demonstrated that the Apple App Store has its weaknesses as well.
A statement from McAfee proclaims, "While reported mobile malware incidents are still relatively low in number, McAfee Labs is seeing significant growth in the mobile malware threat landscape."
To guard against mobile malware and protect yourself and your data, here are five things you should keep in mind when buying or downloading apps for your mobile devices:
Malware on mobile devices is nowhere near the threat that it is on PCs--particularly Windows-based PCs...yet. Malware developers aren't looking for a challenge. They will develop malware for the platforms and devices that have the largest pool(s) of potential victims, and those that are easiest to exploit. Step one in protecting yourself is to simply be aware that the threat exists.
Do Your Homework
Think before you download. Just as it makes sense to read some Amazon reviews before buying a book, or some Yelp reviews before testing out a new restaurant, it makes sense to read some reviews of an app before you jump off the cliff. General word of mouth support for an app is good, but it is even better if you can get input from your social networks--friends and family you trust--before downloading an app.
Check Your Sources
Not all third-party sources of apps are bad, but the odds are much higher. For a platform like iOS, you have to go out of your way to jailbreak the device in order to use apps that aren't approved by Apple. If you have taken such drastic measures, you are hopefully already aware of the risks involved as well.
Android users may not be as conscious of the threat because third-party app repositories are normal for that platform. Still, the safest source of Android apps is the official Google Android Market, or at least an app store from a trusted source like the Amazon App Store. To avoid shady apps, you should deselect the "Unknown sources" option in the Android Applications Settings.
Watch the Permissions
Mobile operating systems have enough security in place that apps generally have to request permission to access core functions and services of the device. Think about the permissions you are granting before you just tap and blindly accept them. Does that Sudoku app really need access to your contacts, camera function, and location information?
As the mobile market grows, and the malware developers take notice and begin to target it, the security vendors--like McAfee--are working to try and stay a step ahead of the malware attacks with security tools and software.
Following the first four tips will help you avoid a majority of potential threats, but antimalware software can help detect and identify any threats that slip past your defenses.