No backroom devs: How to avoid installing malicious apps on your phone

Avoid potentially harmful fake apps that can bombard your device with ads or compromise your personal and financial information. Stay vigilant, use logic, exercise caution, and follow these instructions to protect yourself from this nuisance.
Raphael Kahan
There are currently approximately 9,000,000 active apps across different platforms, including Apple, Google, and others. That is a remarkable number, but only a fraction of them are widely recognized and genuinely beneficial.
Moreover, many devices already come preloaded with a considerable selection of apps, further reducing the need for additional downloads. Nonetheless, the pursuit of that elusive app capable of fulfilling our long-standing desires persists. We are constantly on the lookout for a new application that can finally cater to the needs we have had for years.
Imagine a scenario in which you have recently downloaded a new game, digital currency wallet, or fitness app, and things quickly take a turn for the worse. Perhaps your phone screen becomes inundated with intrusive advertisements, or the application fails to meet your expectations entirely, as is often the case. In the worst-case scenario, you might even discover an unauthorized transfer of funds from your bank account or an attempt to access personal information, such as your health data. These instances can be highly unsettling and pose a significant threat to your privacy and security. It is highly probable that the app you downloaded was built with malicious intent, to exploit your finances or gather sensitive information.
Given the vast amount of data we access through our smartphones, it comes as no surprise that cybercriminals target them, and the risks are particularly pronounced in unofficial app stores. These platforms pose a higher likelihood of threats and unauthorized activities. Fortunately, by exercising awareness, employing logical thinking, and practicing caution, you can protect yourself.
Here are some valuable tips from ESET, an information security company, to help you avoid downloading malicious or dubious apps that may lead to regret later:
1) Have you come across an app that promises remarkable functionality or offers a service you've been longing for? If the app is genuinely popular, its download numbers, as indicated in reputable app stores, can provide valuable insights. Highly popular apps often accumulate millions or even tens of millions of downloads (considering the vast number of smartphones worldwide).
Therefore, a globally recognized app should exhibit such substantial figures. Similarly, a local app, like one in Hebrew, should have hundreds of thousands of downloads at the very least if it truly stands out and enjoys widespread recognition. If the download numbers do not align with expectations, it may indicate a potential problem.
2) App reviews can be a relatively effective method to gauge the authenticity and quality of an app. If an app has a low rating and negative reviews, it's advisable to reconsider downloading it. Conversely, if an app has an overwhelmingly high number of positive reviews that seem suspiciously similar, it should raise concerns.
This is especially true for apps that haven't garnered millions of downloads, as a large number of reviews for such apps could be from fake reviewers or even bots. Additionally, it's worth checking the geographical distribution of the reviews. For example, if you come across numerous reviews from India for an app you're interested in, but you're looking for an app relevant to Israel, it may not be the right choice for you.
3) Malicious developers often try to deceive users by copying the logo or graphic design of legitimate apps. However, they can't replicate the design exactly as it would prevent them from uploading the app to the store. Instead, they create a design that closely resembles the original, hoping that users won't scrutinize the screen or images in the app store too closely.
Therefore, it's crucial for you to pay attention to these details. However, it's important to note that recognizing the logo of a well-known entity, such as a bank, credit company, or Bitcoin wallet, doesn't necessarily mean you're in safe hands. Some malicious apps go beyond just misusing the name of a legitimate service and are distributed through websites that are mirror images of the genuine ones. Exercise caution and verify the legitimacy of the source before downloading any app.
4) It is crucial to be vigilant regarding the availability of official apps for the specific store or service you seek. Just because a certain platform offers a service you desire does not necessarily mean it has an app, and some are exclusive to certain platforms like iPhone. Additionally, certain companies or organizations solely rely on websites instead of apps. Hence, before proceeding to download an app for a popular online service, make sure that the service indeed provides an official app. In such cases, the official website will typically provide links to download the app from authorized stores.
5) The credibility of an app lies not only in its advertising but also in its visibility. Developers who invest significant effort and resources into their applications also prioritize enhancing their visibility and ensuring the accuracy of their promotional materials.
The app description itself serves as advertising material, and a professional developer will diligently review the text to eliminate spelling errors, proofread content, and ensure accuracy. If you notice grammatical errors, incomplete information, or inaccuracies in the app description, it could be an indication that the app might not fulfill its promised functionalities.
6) Identifying the legitimate developer behind an app is a worthwhile check. Legitimate app stores, such as Google Play and Apple's App Store, ensure that only authorized developers can upload their apps under their own names or aliases. For example, apps from Google will be published by Google itself, and the same applies to Facebook, Instagram, WhatsApp, and other well-known companies.
However, malicious developers may attempt to deceive users by using names that closely resemble those of legitimate developers. They might upload fake versions of popular apps, substituting a letter or using a similar-sounding name. In such cases, conducting a search on platforms like Google can be beneficial. By searching for the developer's name and reading reviews, you can gather more information and insights. Legitimate and professional developers often have multiple apps attributed to their name, further cementing their gravitas.
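The look-alike developer name check from tip 6 can be automated. The sketch below is an added example, not code from the article or from ESET: it flags a publisher name that is not an exact match but sits within one edit of a known name after folding accents, case, punctuation and look-alike digits. The allow-list and the confusable table are constructed for illustration.

```python
import unicodedata

# Constructed allow-list for illustration; a real check would use the publisher
# names shown on each service's official website.
KNOWN_PUBLISHERS = ["Google LLC", "WhatsApp LLC", "Instagram"]

# Characters commonly swapped in to imitate a letter (small illustrative subset).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a"})

def skeleton(name: str) -> str:
    """Comparison form: accents, case, punctuation and look-alike digits folded away."""
    decomposed = unicodedata.normalize("NFKD", name)
    ascii_only = "".join(c for c in decomposed if not unicodedata.combining(c))
    folded = ascii_only.casefold().translate(CONFUSABLES)
    return "".join(c for c in folded if c.isalnum())

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute) with two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_publisher(name: str, known=KNOWN_PUBLISHERS, max_distance: int = 1):
    """Return (verdict, matched_name) where verdict is 'exact', 'lookalike' or 'unknown'."""
    if name in known:
        return "exact", name
    for legit in known:
        # Not an exact match, yet almost identical once folded: treat as an imitation.
        if edit_distance(skeleton(name), skeleton(legit)) <= max_distance:
            return "lookalike", legit
    return "unknown", None
```

An "unknown" verdict is not a clean bill of health; it only means the name does not imitate anything on the list, so the other checks in this article still apply.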
7) Granting permissions to apps is an important aspect to consider when evaluating their credibility and potential risks. It's essential to use logic and common sense to determine whether certain permissions requested by an app are necessary for its intended functionality. For example, it's reasonable for a flashlight app to request access to the camera because it utilizes the camera's flash to provide light. However, if a flashlight app requests access to your contacts, it may raise suspicions since there is no apparent correlation between the app's functionality and the need for contact information.
In general, simple apps typically require only one or two permissions to function properly. While some apps may request multiple permissions, it's important to be cautious and consider whether those permissions align with the app's intended purpose. It's worth noting that in some cases, apps can still operate even if you haven't granted all the permissions they requested. Starting without granting all permissions and then evaluating the app's performance and functionality can be a prudent approach.
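The flashlight reasoning in tip 7 can be applied to an app's decoded AndroidManifest.xml. The following is an added example, not code from the article or from ESET: it lists the `uses-permission` entries and separates those that fit the app type from those that need a second look and those that guard personal data. The per-type baseline, the sensitive set and the sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed baseline: permissions a reviewer would consider plausible per app type.
EXPECTED = {
    "flashlight": {"android.permission.CAMERA", "android.permission.FLASHLIGHT"},
}

# Permissions guarding personal data; unexpected use of these is the strongest signal.
SENSITIVE = {
    "android.permission.READ_CONTACTS", "android.permission.READ_SMS",
    "android.permission.ACCESS_FINE_LOCATION", "android.permission.RECORD_AUDIO",
}

# Constructed sample: decoded manifest of a hypothetical flashlight app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
</manifest>"""

def requested_permissions(manifest_xml: str) -> set:
    """Collect every permission name declared with <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")} - {None}

def audit(manifest_xml: str, app_type: str) -> dict:
    """Split requested permissions into expected, worth reviewing, and suspicious."""
    requested = requested_permissions(manifest_xml)
    baseline = EXPECTED.get(app_type, set())  # unknown type: nothing is expected
    unexpected = requested - baseline
    return {
        "expected": sorted(requested & baseline),
        "review": sorted(unexpected - SENSITIVE),
        "suspicious": sorted(unexpected & SENSITIVE),
    }
```

For the sample manifest, the camera permission is expected, internet access is left for review, and contact and SMS access are flagged as suspicious.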

What to do if a malicious app is already installed on your phone

If you come across a potentially malicious app, it's advisable to uninstall it. Alternatively, you can opt for a manual approach by resetting your device to its factory settings after ensuring your data is backed up. In some instances, starting the device in safe mode might be necessary to remove the app. ESET provides a helpful video tutorial on this process.
Here are some final helpful tips to send you on your merry-app way:
- Reporting the malicious app to the app store can help protect other potential victims and may even allow you to request a refund for any associated costs.
- For apps downloaded from the Google Play Store, enable the Google Play Protect scan on your device. This feature helps detect and prevent the installation of malicious apps.
- If you download apps from other sources or stores, consider enabling the "Enhance detection of malicious apps" option. This setting will automatically send unknown apps to Google for further analysis and identification of potential threats.