This is something we should (as trusted public libraries) share widely – especially during the COVID-19 Lockdown.
There is a ton of app downloading going on now both Android and iPhone. Many are totally trustworthy but bad actors are taking advantage of this emergency period to encourage people to download all sort of malicious apps — they contain viruses, worms, malware or some other way of harming you. They might steal things like your personal information, others’ contact information, or passwords and share them with others. Luckily, there are steps you can take to avoid downloading a malicious app.
So, let’s be safe out there:
Advice:
- Tell your kids they can’t download new apps without checking with an adult first.
- Teach your family and friends to share best practices – see below.
Best Practices:
- Read the reviews. People will share warnings as well as whether they found it good or not.
- Check how long the App has been available. If it’s pretty new, be careful.
- Check the publisher and source – is this app from a trusted brand (reputable games developer or social network?)
- Check your phone:- find and use it’s malware checker or get a decent one.
- Download anti-malware. The first step to making sure that your apps are safe is to download security software. You have it on your computer, right? Your phone needs it too.
- “Look at the app’s product page. Seeing lots of misspellings? Grammar that doesn’t make sense? Something off-putting about the screenshots? Maybe it’s worth ignoring the app.
- Don’t take an app’s promises at face value. It never hurts to run a quick web search to see if anyone else has reviewed, talked about, or used an app you’re considering downloading. Odds are good that the odd app you found is more likely to be unwanted than a diamond in the rough.
- Read App Store reviews. Does an app have any? If not, get nervous. Does an app have a decent number of five-star reviews, and only five-star reviews, that are all phrased really strangely? Avoid. Let others help you figure out whether an app is legit or not—or trying to entice you into downloading it with fake reviews—before you download it.
- Consider an app’s permissions. If it wants to access your camera and microphone, but it’s supposed to be helping you clear out your contact list, that should feel like a very strange request that warrants a little extra research.
- Don’t download apps that don’t come recommended. When in doubt, this is a great way to avoid scammy apps: Don’t download things that haven’t already been vetted by other, more professional entities: online reviewers, your favorite tech websites, Apple itself, et cetera. Just because your friend thinks some weird app that puts dumb stuff on your face is worth a download doesn’t mean that you should run to the App Store and grab it immediately. A little due diligence can save you a lot of future stress—and help keep your data private and secure.”
Cautionary Story:
Read this before using FaceApp — you give up more personal data than you realize on this Russian-made app: FaceApp has gone viral again with a feature that makes users look elderly, but experts say it may pose security concerns
How Stuff Works: How do I know if an app is safe?
https://computer.howstuffworks.com/know-if-app-safe.htm
How to check your Android phone for malicious apps: Google Play Protect is built into Android and is already hard at work.
https://www.cnet.com/how-to/how-to-check-your-android-phone-for-malicious-apps/
How Can You Tell if an App Is Malware?
https://lifehacker.com/how-can-you-tell-if-an-app-is-malware-1838287887
Mysterious iOS Attack Changes Everything We Know About iPhone Hacking: For two years, a handful of websites have indiscriminately hacked thousands of iPhones.
https://www.wired.com/story/ios-attack-watering-hole-project-zero/
“HACKING THE IPHONE has long been considered a rarified endeavor, undertaken by sophisticated nation-states against only their most high-value targets. But a discovery by a group of Google researchers has turned that notion on its head: For two years, someone has been exploiting a rich collection of iPhone vulnerabilities with anything but restraint or careful targeting. And they’ve indiscriminately hacked thousands of iPhones just by getting them to visit a website.”
As is often the case, a simple Google search can be your friend.