In early September, Apple removed several Trend Micro anti-malware tools from the Mac App store after they were found to be collecting unnecessary personal information from its users, such as browser history.
It is a good reminder that not all security apps will make your online movements more secure, and in some cases, it could be worse than doing nothing at all. It is wise to do your research before you download that ad-blocker or VPN, here is why:
There is a range of tools people use to protect themselves from cyber threats:
Virtual private networks (VPNs) allow you to establish a secure connection with a remote server and route all your traffic through it so it can’t be tracked by your internet service provider. VPNs are commonly used to access geo-blocked content and for additional privacy. Ad-blockers prevent advertisements from appearing on the websites you visit.
App-lockers allow you to set passwords for individual apps. For example, if somebody borrowed your phone to make a call, and then tried to access your Facebook app. Tor hides your identity while you browse the internet, by encrypting and moving your traffic across multiple Tor nodes.
Knowing the risks can save your online life
There are multiple dangers using these kinds of security software, especially without the proper knowledge, and some of these risks can include; accessing unnecessary data, creating a false sense of security and software going rogue.
Accessing unnecessary data
Many security tools request access to your personal information, in fact, in many cases, they need to do this to protect your device. A most well-known example would be an antivirus software, which requires information such as your browser history, personal files, and unique identifiers to function. However, in some cases, tools request more access than they need for functionality, which was the same case as Apple's Trend Micro apps.
Creating a false sense of security
Surely it makes sense when you download a security app, that most of the users believe that their online data is more secure. However, sometimes mobile security tool does not provide security at the expected levels or do not provide the claimed services at all. So, if you are thinking that you can install a state-pf -the-art mobile malware detection tool, and then take risks online, well, newsflash, you are mistaken.
Back in 2017, a study showed that it was not hard to create malware that can bypass 95% of commercial Android antivirus tools. Another study showed that 18% of mobile VPN apps did not encrypt user traffic at all.
And if users are trying to use Tor, there are many mistakes that users can make that will compromise your anonymity and privacy – especially if you are not familiar with the Tor setup and try to modify its configurations. There have also been reports of fake antivirus software, which opens backdoors for spyware, ransomware an adware, occupying the top spots on the app charts. Earlier this year it was reported that 20 million Google Chrome users had downloaded fake ad-blocker extensions.
Some software might be going Bonkers
Numerous free – or paid – security software is available in app stores created by enthusiastic developers or small companies. While this software can provide handy features, they can be poorly maintained. More importantly, they can be hijacked or bought by attackers, and then used to harvest personal information or propagate malware. This mainly happens in the case of browser extensions.
Know exactly what these apps are taking from you
Permission requests of the top 10 Android antivirus, app locker and ad blocker apps. The table below shows the different categories of personal information that a number of top rated antivirus, app-locker and ad-blocker apps request to access when you install them on your device.
So, How should you 'be safer'?
1. Do you really need a security app?
If you stick to the official app store, install a few apps, and browse only a routine set of the website, you are probably safe from all of this. Instead, simply stick to the security guidelines provided by the manufacturer, be diligent about updating your operating system, and do not follow links from untrusted sources.
2. Using antivirus software?
If you do, or even before you select one, read about the product descriptions and online reviews. Stick to solutions from well-known vendors. Find out what it does and most importantly what it does not do. Also, make sure you read the permissions it requests and sees whether they make sense. Once the antivirus is installed, update the software as required.
3. Make sure you are aware of other security tools
Only install other security tools, such as ad-blockers, app-lockers and VPN clients, if it is absolutely necessary and you trust the developer. The returns from such software can be minimal when compared with the associated risks.