View All Pages

App Security

App_Banner_Canvas.png

 

In the summer of 2016, the release of Pokémon GO was a highly anticipated event. Hackers knew there would be a high demand for the app and soon malicious copycat versions of the game and game guides flooded app stores. In a matter of months, over 12 million people downloaded these malicious versions of Pokémon GO. Now the phone activity of 12 million people – their internet use, text messages, photos, and more - was in the hands of the developers of these apps.  

Any app you download has the potential to ruin your entire device and online life. But if you take a few minutes to do some basic research on anything you plan to download you can dramatically decrease your exposure to malware-ridden apps.  

Did you know...

Google took down over 700,000 malicious apps Links to an external site. from the Google Play Store in 2017 alone.

How can you protect yourself? 

Only shop in official stores. 

  • Official app stores regularly check the security of the apps being added to their stores. Unofficial app stores will have few if any security protocols in place to protect their users. 
  •  If the app requires you to "allow downloads from an unknown source" you shouldn’t download it. 

Watch out for copycats

  • Some malicious apps will try to duplicate the appearance of popular apps. If you are unsure whether you are downloading the original and trusted app, look for the name of the app publisher or developer in the store.  
    • Ex. If you are downloading Gmail and the publisher says anything except “Google” the chances are good it's not a legitimate app. 
  • While it's generally better to avoid apps with a low number of downloads, you shouldn't inherently trust apps with a high number of downloads either. Remember over 12 million people downloaded malicious versions of Pokémon GO before they were pulled from app stores.
  • Similarly to how the number of app downloads may not be helpful in deciding whether to download an app, checking an app's ratings and reviews may not provide useful information either.
    • Hackers will skew app store ratings with artificial reviews because they know users are more likely to download an app that is highly-rated.

Deny suspicious requests

  • If an app is asking for permissions that are unrelated to its purpose you should deny that permission. 
    • Ex. If an app you downloaded to play Minesweeper asks for permission to access your phone’s microphone it is probably not a safe app and you should deny its request. 
  • Regularly check the permissions you have given apps in your phone or computer’s settings to ensure you aren’t jeopardizing any personal data. 

Software updates = Software security

  • Regularly updating your app and operating system software greatly reduces the risk of a security breach. Hackers take advantage of gaps in software security to access your devices and data. When software companies become aware of these security gaps they will close them in updates that are sent out to app and operating system users.