Mobile malware is becoming increasingly popular as an attack vector. Earlier this week Check Point research published its Cyber Attack Trends report which showcased the most popular malware in 2018 so far.
Within that report was mention of theTruthSpy. This malware is new to the mobile world, emerging earlier this year and it is able to monitor WhatsApp, Facebook and internet browsing history. Older mobile malware variants such as Triada can steal credit card and other financial data.
The long and short of it is that your smartphone is as vulnerable to malware as your laptop or PC. The best offence against mobile malware is a good defence and luckily securing your mobile phone from the nasty software is easier than you might think. iPhone users, you are also at risk of mobile malware even if Android is easier to gain ownership.
Make use of the official app store
Side-loading apps is a rather popular activity among smartphone users. Thanks to the system’s openness relative to iOS, folks can install almost anything they want on their smartphone without having to use the official app store.
While side-loading might be a way to get access to apps that you might not be able to get, it’s also a great way for cybercriminals to hide malware in Android Packages or APKs as they are more widely referred to as.
At the end of the day, it’s simply safer to use the official app store which monitors all apps to ensure they aren’t hiding malware.
Install an anti-virus/anti-malware solution
Much like your PC or Mac, there are free and paid-for anti-virus and anti-malware products available to download. We recommend opting for a solution from a reputable brand such as Kaspersky Lab, Avast or Norton.
It’s also worth being wary of the permissions apps ask for when they are installed. If you’re installing a game, for instance, there’s no reason it should have access to your messages.
Factory reset your phone every three months
This bit of advice comes to us from the Wireless Application Service Providers’ Association (WASPA) in South Africa and we have to say that this makes sense.
Malware can hide on your smartphone for ages without being detected "While most of these malicious apps don’t create any home screen icons that would usually alert mobile users to their presence, they can almost always be found under device Settings," says WASPA board member Tanya Howard-Thelander.
"Once found under App Settings, malicious apps can be deleted or uninstalled with a factory reset of the device," says Howard-Thelander.
Of course – before you wipe your phone completely – you should back up any data you don’t want to lose. We also recommend unlinking any two-factor authenticators you might use. Just remember to reinstall and relink those authenticators after resetting your handset.
This might seem extreme but malware can be devious and, even if you delete it, there’s no telling if that malware has embedded itself somewhere you can’t see it.
Above all else be vigilant. Don’t click on links from random emails and be aware of what apps you are using and what permissions they have requested.
For cybercriminals, your smartphone is just another attack vector and for that reason, you should be securing it as well as possible.