Forewarned and forearmed. How to protect your Android smartphone from viruses
Although the operating room Android system Indeed, while it is slightly more vulnerable to malware attacks than iOS, the situation with it is by no means as bad as Apple would like you to believe. Some simple techniques and a little common sense will make your system invulnerable to any attack.
1. Set a lock screen
Yes, blocking Android screen does not seem to be a serious obstacle - but even it can provide some protection against random attacks.
It provides you with multiple unlocking options - Pattern, PIN, Password and Face Unlock, according to at least for stock Android devices. Of the listed methods the most secure password is. A pin is technically more chaotic than a pattern (at least in theory). However, the pattern, although it looks funny, leaves you vulnerable to attacks on it - which, according to analysts, works 68 percent of the time under ideal conditions.
But whatever security method you choose, it's still better than no security at all, and a simple password can fend off most casual attacks. Trust me, it's worth one second of inconvenience 50 times a day.
2. InstallAnti— Malwareprogram
Just like on Windows machines, some kind of antivirus program on the system will be very useful to you. Exists a large number of Anti-Malware programs, many of which are free. Good recommendations deserved it Lookout, AVGAndAvast. They are able to track malicious code, check installed applications against the database of known threats and generally monitor safe work your phone.
3. Don't cache passwords
It's a little annoying, but it's true. Password caching is, of course, incredibly convenient, but this is a gift from heaven to anyone who manages to steal your phone. Thanks to them, an attacker can extract your logins from one phone Email, accounts social networks and many other things. Of course, other security measures like lock screens provide some protection, but the only reliable method here is to simply not save passwords. They are mostly saved by your internet browser – in other words, Chrome.
4. Check SuperUser privileges
If you have rooted your Android (which is generally more than justified), you need to be especially vigilant in security matters. Rooting your phone allows applications to run with the “root” access level, bypassing standard checks systems. A malicious app with root access will be incredibly dangerous - in fact, it will be able to do whatever it wants on your phone without your knowledge (this is the main reason why phones don't come rooted out of the box).
However this is not a reason not to root. Instead, you just need to pay a little more attention to managing your applications. Once you've rooted, you'll likely install SuperSU or Superuser, which allows you to root apps and see which programs are actually using their advanced privileges. Be extremely careful in choosing the programs to which you give SuperUser permission - only give them to trusted applications from trusted sources. It is also useful to review the list from time to time and remove unnecessary programs from it.
5. Install applications ONLY from reliable sources
One of the most common methods Android infections– this is downloading an infected application. Anti-Malware program, as mentioned earlier, can provide you with one extra layer of protection against such threats by flagging anything it finds suspicious.
But better protection certainly is common sense. Thanks to Google's efforts, most of the apps in the Android store are clean and threats come mainly from various exploits that infect regular applications, for example, through an advertising system. In any case, well-known and popular applications are more likely to be secure; installing programs from third-party resources will always be potentially dangerous, and the whole question is in this case comes down to the level of your naivety (or, if you prefer, gullibility).
Games, photo editors with elf faces, calorie calculators and online dictionaries in a smartphone entertain us and make life easier. But the sensational story with the Meitu application is that not all of them are safe. An expert from Positive Technologies told how to protect your smartphone from malicious applications.
Nikolai Anisenya
Security Research Specialist mobile applications Positive Technologies
Trojans? No, have not heard
In the language of IT specialists, malicious software(software) that disguises itself as a harmless program is called a Trojan. Such applications force the user to install them themselves and grant the necessary privileges.
All Trojans can be divided into two types. The first to exploit vulnerabilities operating system or applications installed on your smartphone. The latter force the user to allow some actions, for example, access to one-time passwords from SMS messages, the camera, the gadget’s desktop or other applications.
If OS vulnerabilities are exploited, note malicious activity pretty hard. Thus, a program, for example, aimed at stealing money through mobile banking, will make itself felt after funds are written off from the account.
Protecting against malware that forces you to give access to data or allow you to perform fraudulent activities is also difficult. Such malware uses legal techniques, so the user remains to blame. Without reading the installation conditions of the application, he trusts and allows a free dictionary or game to read his messages, make toll calls, and sometimes completely control the device.
Rule 1: Install applications only from official markets
Most malicious applications end up on smartphones from unofficial application markets or via links from sites with unlicensed content. Google Play And App Store review applications before they are made available to users. It is much more difficult to catch an infection there. If you decide to download something from an unknown resource, check the “Install applications from untrusted sources” checkbox during installation.
Rule 2: carefully read what access, permissions and functions the installed application requires to enable
Fraudsters often embed malware into clones of popular paid applications, luring victims free music or games. Once in a gadget, the virus exploits the vulnerabilities of older versions of the OS in order to gain increased control over the victim’s device. Some may, for example, force the victim to enable special developer features - USB debugging. This way, installation software from a computer will be able to gain unhindered access to installing applications on a smartphone with any privileges.
Rule 3: Update your apps regularly
Research has shown that 99% of attacks target vulnerabilities for which developers have released patches. When releasing a new release, they always officially notify about the bugs and loopholes that have been fixed. Fraudsters carefully study them and direct their malware at those users who did not manage to update old version. That's why timely update and the device OS, and installed applications can reduce the risk of attacks.
Rule 4: forget about root rights
Almost everything Android users can get full control over the system of your gadget. Root rights Root is the main administrator account. If a fraudster gains access to this profile, then he has a number of opportunities that are not available in normal mode work. provide the opportunity to change system folders and files: for example, they allow you to delete standard applications(calendar, maps and various built-in services), change and delete themes, shortcuts, optimize the operation of your device, overclock the processor. There are ones that establish complete control over the system, but they also completely destroy the security on the device.
Do not use a rooted Android device to perform banking operations. If malware gains these root rights, it will be able to embed itself in everything system processes: read SMS with a one-time password from the bank, delete SMS notifications about debiting funds, have access to data bank cards and even listen to conversations. In this case, all these activities will be hidden from the user.
Rule 5: Don't give weird permissions to apps
If an application needs to use, for example, access to the contact list, then during installation it will definitely request this permission. Starting with Android 6, some permissions cannot be granted during installation - they are granted only after they are launched. So, if an application needs access to read SMS, location or other confidential information, the user can deny it. To protect yourself, you need to be very careful about such offers.
The most popular permissions requested by malware are:
Reading SMS. Many applications, including banking, use SMS messages for delivery one-time password. Having gained access to the SMS, the attacker will be able to log into your account and confirm his transactions.
Sending SMS and making calls. The application can simulate calls and SMS sending to paid numbers, stealing money from a phone account.
"Overlay on top of other windows" in Android OS. This resolution can be used to distort almost any information displayed on a smartphone screen. Overlaying a picture of the windows, malware can trick the user into, for example, confirming remittance. Different windows can be displayed on top of a banking application so that the user taps on certain parts of the screen (this is called tapjacking), and ultimately sends money to someone else's account. The software can also change the transfer amount by hiding a couple of zeros in it: the user will think that he is transferring 1 ruble, but in fact it is 100.
Device Administrator. This permission will give the malware almost complete control over the device. He will be able not only to steal money, penetrate any account, but also protect himself from deletion.
It would be a good idea to regularly review applications and the permissions granted to them. Starting with Android 6, access to permissions can be disabled. This can be done according to the following scheme: Settings -> Applications -> Application permissions/Overlay on top of other windows.
Are there no viruses in iOS?
It is much more difficult for iOS users to run into Trojans. But even here, malware has ways to penetrate the device. Apple allows the installation of internal corporate applications bypassing the App Store, provided that the user trusts the developer. Therefore, attackers disguise viruses as harmless applications, often free clones paid programs. You should not install these, especially if you make money transactions from your device.
Once the malware gets onto the device, it can use vulnerabilities in iOS to disable security mechanisms (perform a so-called jailbreak) and gain full control over the device. If the user disables the security mechanisms on his own, he makes life much easier for scammers.
The malware can also target vulnerabilities not in iOS itself, but in applications - for example, insecure data storage in your mobile banking. As in the case of Android, timely software updates will help against such attacks.
Bottom line: things to remember
Each application should be treated as if it has unrestricted access to the device. The application may look harmless, but act secretly or trick you into doing unwanted actions. You should trust those developers who place their products in official markets (Google play, App Store). It is necessary to pay attention to whether there are suspicious applications such as “Root rights”, “Wi-Fi accelerator”, “battery saver” among the developer’s list. Positive reviews and the number of downloads can also become additional criteria in favor of choosing a developer.
The recently introduced iPhone 7 confirmed fears that Apple is experiencing a serious crisis of ideas. The main novelty of the model was the abandonment of the traditional headphone jack, which was replaced by wireless “plugs” for 12,990 rubles (twelve thousand nine hundred and ninety rubles).
Let's give some safety tips for those who have finally decided to switch from iOS to Android (as well as for long-time fans of Google's platform):
1. App lock
Sometimes friends ask for your smartphone to look at photos or quickly find something on the Internet. It’s inconvenient to refuse, but you don’t want strangers to dig into personal files. Especially for such cases, Android 5.0 Lolipop now has the ability to lock the device in desired application.
To activate the function, go to the Security section - Blocking in the application - On.
After that, in any desired application, you can click the “Recent” button, and then the pin icon. The application will open, but you will not be able to exit it.
To unlock, press Back and Recents at the same time, then enter your PIN or password.
2.ESET Mobile Security
Home protection your Android - reliable antivirus, the effectiveness of which has been proven by independent viral laboratories.
Provides comprehensive device protection in real time cloud technology ESET Live Grid, Anti-Phishing and Anti-Spam modules. The function will make the Android gadget safe even for the little ones.
The module determines the location of a smartphone using GPS if the device is lost or stolen. In addition, Anti-Theft allows you to remotely block a gadget or erase all data so that it does not fall into the wrong hands.
3. Password manager
Any Internet user has dozens, or even hundreds of accounts on various sites and services. However, few people can remember the unique password for each of them, so the same password is used almost everywhere (you are no exception, right?)
It’s good that application developers have already taken care of solving this problem. Password managers such as LastPass or 1Password help users generate and store any number of passwords.
How to come up with complex password and remember it forever, read in.
4. Two-factor authentication
Try to reduce the risk of data leakage as much as possible and use the function two-factor authentication wherever possible.
Most modern services allow you to enable authorization confirmation via SMS. This way, scammers will not be able to access your account, unless they have your mobile phone in their hands.
Some applications allow you to do without SMS (for example, Authy). The program automatically generates a six-digit code that disappears after 12 seconds. You can use Authy with all services that support two-factor authentication.
5. Smart Lock
All gadget users know that locking your device's screen adds an extra layer of security against threats online and offline. However, most people ignore this security measure because entering a PIN code dozens of times a day can be very tedious.
Fortunately, Android developers 5.0 Lolipop has figured out how to get around those annoying passwords without compromising security. The Smart Lock feature allows you to unlock your mobile device in 3 ways:
- Trusted Devices - Device unlocks when a familiar Bluetooth or
- Safe places- unlocking the device by geolocation (for example, at home or in the office)
- Face recognition - the device is unlocked if the gadget “recognizes” the owner
- Settings - Security - Screen lock
- Select one of the screen lock methods (except Swipe)
- Go to the end of the list, find Trust Agents and activate Smart Lock
- Go back to the top of the Security section and open the Smart Lock menu
- Select one of the smart unlock options listed above
6. Android Device Manager
The Android Device Manager application will allow you to quickly find your lost gadget. With it, you can set the ringtone volume to maximum, even if the device was in silent mode. It will come in handy when the smartphone falls behind the sofa again.
7. An Android VPN client
Contrary to the recommendations of information security experts, users often connect to public Wi-Fi in cafes, airports, hotels and other places. Thus, attackers have a chance to intercept important personal data, including online banking logins and passwords.
Additional measure protection can be achieved by using VPN clients that encrypt your device’s traffic and also hide your IP address and location. If you are forced to frequently use public wireless network(for example, in), then use one of the applications:
Unfortunately, along with the growing popularity Android smartphone The number of viruses that attack users of these devices is also growing. Increasingly, you can hear stories about smartphones becoming infected with viruses, which led to hacked accounts or loss of money.
But if you exercise some caution, the risk of infection can be significantly reduced. In this article we will give some tips on how to protect your Android smartphone from viruses.
Tip #1: Install apps only from Google store Play Market.
The Android operating system allows you to install applications from any source. You can go to any website, download the application there in its format on your smartphone. This approach is very convenient and user-friendly, since it is not tied to one application store.
But, on the other hand, installing applications from third-party sites carries great risks. Such applications are not verified by anyone and can contain anything. These could be viruses, trojans or other malicious software.
This applies especially to paid applications, which are distributed free of charge through third-party sites. Along with removing the protection, hackers could embed their own malicious code into the application. Therefore, if you want to protect your Android smartphone from viruses, then in no case skimp on applications and do not download them from the Internet, only from the Play Market.
It is also not uncommon when browsing the web using an Android smartphone to see pop-up messages indicating that you need to update the operating system, install a web browser or launch a Flash player. Also, in some cases, you may be prompted to install an APK file. All of these are attempts to introduce a virus onto your Android smartphone.
If such unexpected offers to install or update something appear, simply close the tab with this site and do not visit it again.
Tip #2: Install only popular applications from well-known developers.
If the application is available in Play store Market, this does not guarantee that it is completely safe. Despite the fact that applications available in the store are checked, there is always a chance that virus developers will be able to hide malicious code well and such applications will pass the test.
In order to protect your Android smartphone from such hidden viruses you need to be very careful about what you install. Try to install only popular applications that have at least 100 thousand installations. If in popular app suddenly a virus appears, it will be discovered much faster, which means similar applications much safer.
Tip No. 3. Do not get Root rights.
On an Android smartphone you can. This provides full access to the entire operating system and allows you to modify it at your discretion. This access allows you to introduce new functions into the system and change it appearance and remove system applications.
But, from the point of view of virus protection, obtaining Root rights creates a number of problems. For example, you will not be able to receive operating system updates. Root access also opens up additional holes for viruses to penetrate into the Android operating system.
The danger of obtaining Root rights is so high that many banking applications refuse to work if they detect that the user has gained such access.
Tip #4: Use an antivirus.
Antiviruses on Android smartphones are not as effective as on PCs, but they still provide some level of protection. Therefore, if you want to protect your Android smartphone from viruses, then you should not neglect this opportunity to slightly increase the level of security.
To install an antivirus, go to the store Play applications Market and take advantage search bar, which is at the top of the screen. Enter search query“Antivirus”, study the list of available antiviruses and select any of the ones you like.
Tip #5: Update your operating system.
– the basic principle of security for any operating system and Android is no exception. Updates often fix vulnerabilities that allow viruses to penetrate the system and steal user data.
Therefore, if there are updates for your smartphone that can be installed, then they must be installed. This applies to both the Android operating system itself and the applications that are installed. Everything must be updated to the latest version available.
Do you really value your personal data and files that are on your smartphone or tablet? Android provides multi-level protection that allows you to protect the contents of your device.
Let's assume that you have a smartphone or Android tablet and suddenly it was stolen... Naturally, the loss of a loved one mobile device This is already a big loss, but also absolutely all your files and data will become available to an attacker if you have quite confidential information or data there credit cards, then this is a significant loss! This article will provide solutions on how to protect yourself from personal information falling into the wrong hands.
Connected Google account
It seemed that what had to do with the presence Google account? If you connect your Google account, you can use the device management service and remotely detect Android, block it or delete all your personal data, the only thing is that you must always have the Internet turned on.
Secure screen lock
Undoubtedly remote blocking or deleting all information, great way secure the information, but if the device is blocked in a simple, conventional way
the attacker will have time to quickly turn off the Internet and then you will not be able to delete anything. It's worth thinking about more in a safe way blocking. In the Settings menu -> Lock Screen -> Screen Security -> Screen Lock
It is possible to choose other blocking methods that are more secure:
- Slider - regular blocking
- Face unlock - unlocking the screen by displaying your face (unreliable, a printed photo of your face or video is enough)
- Graphic key - entering a secret pattern (the most reliable)
- PIN code (not SIM) - enter a digital password for unlocking (secure)
- Password - enter a alphanumeric password (strong)
SIM card PIN code
Since we are already talking about security, it is worth additionally enabling the PIN code on the SIM card, this will allow you to block the device even at the stage of turning it on. Also, the PIN code on the SIM will allow you to be sure that no one will be able to use it and save the data on the card. To enable PIN code on SIM go to menu Settings -> Security -> Configure blocking -> Sim card blocking
Hide files
It's over this method will not protect 100% from an attacker, but at least it will allow you to keep them invisible for a certain period of time. For more information on how to hide files, read the dedicated article on hiding data.
Data encryption
This method will allow you to be 100% sure that your data will not fall into the wrong hands and here’s why: if the attacker was unable to crack the PIN code SIM cards and he threw it away, or if he stole the memory card, then all these files will be encrypted and will not be able to use them. Therefore, the Data Encryption method, coupled with the previous methods, gives the most best effect. To enable encryption, go to Settings - Security - Encrypt data, then put the device on charge and start the process. Please note that the process cannot be interrupted and it lasts at least one hour!
How to make life a little easier - Smart Lock
Of course, the security of personal information is good, but sometimes entering passwords drives you crazy! WITH Android versions 5.0 Lollipop Google company introduced new feature Smart Lock. The meaning of this Smart functions Lock - make life easier without having to enter a password or key again. Read in detail in a special article about Smart Lock.
Blocking in the application
Let's say you need to give a friend your Android smartphone or tablet, but you wouldn't want him to go into other applications and see personal information. With Android 5.0 Lollipop, Google has added a new feature " blocking in the application"which allows you to pin one single application on the screen without the ability to exit it in the standard way.
How to enable "app lock"?
Go to Settings -> Safety -> Blocking in the application
Now to activate this function click the "browse all" button running applications"(square) and on required application Click the Pin button. To end this function, click the “review all running applications” and “back” buttons.
You can see how this function works in general in the video attached below.