How You Can Protect Your Android Smartphone From Virus And Hackers

Posted by Chris Iteh

Why should you be worried about protecting your android devices from virus and hackers?

Android is the most widely used mobile operating system in the world. It currently holds more than 65 percent of market shares globally with over a billion users. Unfortunately, this makes them favorite targets by hackers.

Androids are also easy targets since they are a bit more open than their Apple counterpart. Their ability to download items directly from the internet leaves your smartphone and tablet more vulnerable, and hackers can easily take advantage of this. Android users can also download, install and remove third-party applications from unreliable sources.

The recent spate of malware app, especially after malicious apps caused a scare in Google’s own official store, have left many users worried about how to protect their device.

Just think of the nightmare the now infamous Trojan, DroidDream, caused. It has the ability to “root” any phone it was installed on, giving total control to the one who created it.

Happily, Google eventually got rid of the malicious apps and patched them up so as to make them resistant to such trojans. They also put some measures in vetting apps to appear on their market.

Consider also another malicious Trojan known as Android/Trojan.Agent.JI that often masquerade as Flash Player update. When it’s installed, the malware creates a fake “Saving Battery” in the Android system and urges a victim to grant permission to access crucial areas in the phone. Once permission is granted, the malware monitors the user’s action so as to feed the developer information that will enable him mimic clicks and steal contents.

With threats like these, it behooves on you to take precautionary measures to protect your smartphones.

However, internet security begins with knowing some crazy terms like malware, virus, Trojan, ransomware, spyware, phishing, rootkit, keylogging, adware, scareware, spam, and worms. But we can't go into that now.

Below are precautionary measures that you can take right now to inoculate your device from virus attacks and keep hackers at bay.

Download Apps Only From Official Stores And Trusted Source
In the case of the Android/TrojanDownloader.Agent.JI malware, it was distributed through sites that are already compromised, including adult video sites and social media. So it would be wise to avoid downloading and installing apps from "Unknown Sources." Instead, download apps only from reputable and trustworthy stores like Google Play Store that do some vetting before allowing apps on their store.

The warning to download apps only from official stores is often the dogma guarding against malware. Still that does not necessarily mean that those stores are 100% safe as can be seen in the case of DroidDream malware incident. Google doesn’t “whitelist” every app like Apple does with iOS. They largely allow developers to post new apps tub o the app market virtually at will. Shady developers who were able to see this as an opportunity pirated existing apps and re-posted them with slightly different names (and the trojan) on the market.

So, you need to be careful before downloading. Do some research by checking out the ratings and reviews of an app, as well as, the privacy policy. Also, take a detailed look at what permissions and rights you are granting to an app you are about to download and install on your phone.





Lock Your Phone With Password/Pin
Secure your phone with a password or pin lock. This is the easiest way to protect a phone and its an easy thing to do, yet many people don’t see the need to do it. Yet a smartphone device need to be kept locked as would a front door to prevent intruders from gaining in.

However, if you find it hard remembering passwords, you can go for a pattern lock instead.

Using a fingerprint lock will be even better. While this alone won’t ensure complete protection, it will prevent anyone from finding a way to hack your device by just looking at it. And it’s also useful in preventing anyone from gaining access to your data when you accidently misplaced your phone.


Lock Your Apps Securely
You must make sure to lock individual apps (especially those like mobile wallets) with passwords. Some smartphones come with the built-in security locking features. Some apps also include built-in locks. And there are numerous third-party security apps available on the Google Play Store that you can use to lock individual apps.

Update Your Android Operating System/Apps As Soon As They Available
There’s a reason why developers constantly provides update. Most of the time is to make bug fixes in order to patch up holes that hackers can exploit and to make phones run smoothly.

According to Santorelli, director of analysis and outreach for Lake Mary, a Florida-based threat-intelligence firm Team Cymru, “patches are crucial, even for third-party apps that aren't part of the operating system."

He said that "every mobile operating system and most applications will come out with patches all the time."

According to him, "Researchers find holes in software and developers fix them, hopefully, before too many hackers start to use them to compromise your system."

In the DroidDream scare, the hackers were able to penetrate most phones with their malicious apps through known vulnerabilities in Android. But those vulnerabilities were patched up in more recent versions of the OS.

So it makes sense to update apps every time the Google Play stores tell you to. And accept the upgrades to the latest operating-system versions when they arrive.

Granted, Android is fragmentized – it’s hard to know what version your phone can upgrade to – but when you do get an upgrade notification, you should not hesitate to install it.

In a future article, I’ll show you how you can manually upgrade your old Android OS.

Note: If your smartphone no longer gets OS updates or security patches, then you should see about getting a new phone that does.


Avoid Viewing Sensitive Information On Public Wi-Fi
Wi-Fi has been around for some time now and it has proven to be one of the most beneficial inventions for personal computers in the last decade. Many even prefer it to dial-up networking (modem) as it makes it easy to access the web anywhere or any place. But that is exactly where the problem lies – anyone can walk into that place and get on the same network you’re using.

Once a piece of data leaves your device headed for a web destination, it transfers through the air on the wireless network. A hacker nearby with a piece of software that searches for data being transferred on a Wi-Fi network can intercept your unencrypted data.

So always avoid using public Wi-Fi networks if you can. If your Wi-Fi network is unsecured, you should think twice about doing anything particularly sensitive, like internet banking or shopping. Also, make sure your phone doesn’t automatically connect to Wi-Fi networks when in their range. Always keep Wi-Fi switched off when it’s not required.

Configure Bluetooth Settings
Make sure your device is set as ‘Non-discoverable’ in its Bluetooth settings. That’s because if they are always set as visible, they'll be easy target by hackers. So just like Wi-Fi, Bluetooth should also be kept switched off when not in use.

Never Click On Any Link You Do Not Expect To Receive
One favorite tactics that criminals use to infect phones with malware is by luring users to click on a link or open an attachment via emails. You can sometimes this by the spelling mistakes and poor grammar. But nowadays, hackers are getting smarter. Social media has helped criminals profile individuals, allowing them to be much more easily targeted. For example, a hacker just go through your facebook and see what you're interested in or what you post about and send you crafted messages, inviting you to click on something. You should not easily fall for that. Do some check up on the genuineness of the message first before clicking.


Don’t Use The Same Passwords On Different Sites 
It’s typical for individuals to have multiple online accounts. But they don’t want to be in a situation where they can’t remember their password. So they use one or two passwords across accounts or use very simple ones, such as names of loved ones, pets or favorite sports teams. In doing so, they expose themselves to hackers. With just one data breach or password hack, criminals could gain unlimited access to several accounts in a very short time.

To ensure the safety of your data then, use a unique and complex password (Longer ones, with numbers and symbols included) for each of your account. Passwords like these are often hard to crack.

And never reuse an email password for if a hacker cracked your main email password, he can trawl through your emails and find a treasure trove of personal data: from banking to passport details, including your date of birth.

Also, try to constantly change your passwords every few months for the longer a password remains unchanged, the greater the chance it has fallen into the wrong hands.

Of course, carrying all this out would mean having to memorize more than 100 passwords, which is really daunting. Happily, there are password managers that can help you with this. Services like 1Password and LastPass can securely store all login information and can even be used to generate random passwords to heighten security.

Ignore Pop-Ups
Ignore pop-ups as they may well be containing malicious software which can trick a user into verifying something. If and when eventually you do download will be performed in the background, which will install malware.

Install A Mobile Antivirus App
Installing a security app (from a trusted source, of course) and constantly scanning your whole device at least once a week should also is also a priority, considering the kind of important information our devices carry. So install a good antivirus, such as, Avast, Norton, 360. The apps are often free to download from app stores, and there can be extra benefits as well.

In a future post, I’ll list out the best antivirus to go for in securing your device.

Get A Google Authenticator
Google authenticator is a Two-Factor verification that generates a code whenever you or anyone wants to login to your bank account or wallet (such as paypal or blockchain) via the web. This adds an extra layer of security to your accounts.

Each time you want to login, or make any transaction, it will ask for a code from your Google authenticator. That code must be entered before a user will be authenticated to move on. Any other person who tries to gain access to your phone must know first your username and password to generate the code before he or she can login. No one can login remotely because the final authenticator is with you. This may seem like a waste of time but the benefits are worthwhile.

What’s best about Google Authenticator is that it works offline, and even for some non-Google services. Although there are other 2-factor verification apps available on Play store, Google’s own is the best.

Note: Try to understand how to use Google authenticator very well before you use it otherwise you could be denied access to your own account if you misplace your phone. Once you download Google authenticator on your phone, please scan the barcodes of all your accounts.

Conclusion
Smartphones and tablets are just as vulnerable as regular computers. Since your phone is a gateway to a lot of data, both personal and financial, malware is designed to break in and steal them from you.

Hackers are constantly changing their tactics to trick users into installing malware into their devices. So take action. Getting lazy now could wreak havoc on your device, and all the networks it’s connected to. The old adage also holds true here, “prevention is better than cure.”