Early this month it was revealed that Android users, the operating system used by most brands of South African smartphones, were vulnerable to a major security flaw.
Check Point, a large Internet security firm, disclosed that around 13,000 Android smartphones per day are being breached by a malware called “Gooligan”.
Like most hacks, this particular threat relies on the you to download apps via unsafe stores that contain malware which is specifically targeting the Google accounts of Android users. It appears that this malware targets the user’s Google accounts by stealing their authentication/passwords and presents an opportunity for criminals to access data on your Gmail, Google Docs, Google drive and other Google services – hence the name “Gooligan”.
If you download your apps from the apps store on your phone or Google Play, you are okay, because Android require app developers to go through a quality assurance process, but if you have installed innocent-looking, albeit booby-trapped software from app stores outside Google’s authorized Play store, then you are at risk.
If you’re unsure as to whether your device has been infected, a free service has been set up by Check Point to check user names.
This Check Point service requests users to enter their email address. A search is then conducted against known compromised accounts.
Google Android is the world’s most popular mobile operating system, but an ‘open’ operating system, which basically means that smartphone manufacturers are free to alter Android to work in any way they want, and anyone can release apps for it.
However, this also means Android is more prone to malware than other mobile operating systems. The logic is simple, if you wouldn’t use a Windows PC without malware protection, then you shouldn’t leave your Android smartphone exposed.
Fortunately, protecting your Android smartphone or tablet is straightforward — and free:
Step 1: Update your version of Android…
It’s important to keep your Android software up to date. As well as new features, each update includes bug fixes to help protect your phone.
Tap the Settings icon, then scroll down to About phone (or About tablet) – Software (or System) update.
You’ll see your update status, including whether your software is up to date.
Step 2: Prevent app installs from unknown sources…
Check that your Android device is set up to only allow app installations from the Google Play store.
To do this, go into the Settings – Security. Scroll down and under Device Administration look for Unknown sources. Make sure this is unchecked.
Step 3: Restrict downloads with a password…
If other people use your Android smartphone then it is essential to enable a password for installation of new apps. This is especially important for parents who don’t want their children installing sometimes expensive apps without their knowledge.
Launch the Google Play store app then tap the menu button at the top right – it looks like three stacked dots. Now tap Settings and look for User Control.
Tap Parental Controls and turn the slider On. You’ll be asked to Create content PIN.
Step 4: Read and understand permissions…
When you tap the Install button in the Google Play store, your Android device will display an App permissions dialogue box.
Scroll down and tap See all to view everything that the app wants to access on your handset.
Some apps have a legitimate need to access certain features of your smartphone. A web browser, for example, will need access to the internet, while a photo app will need access to the device’s storage.
If in doubt, or if you don’t want to share the information, don’t install the app.
Step 5: Install free antivirus software…
You should install antivirus software onto your Android smartphone. Fortunately, this is both easy and free.
There are plenty of good free antivirus products on the Google Play store that will protect against viruses and malware, blocking dangerous links and some even help you find your phone.
Step 6: Finally… Use common sense…
Protection is all well and good, but it pays to be cautious.
First and foremost don’t click on suspicious links and always delete anything that looks suspect. Email hacking is very common – you may receive an email from a trusted source containing a YouTube link with an unusual heading – don’t click on the link and, if your email app allows it, flag the message as spam or junk mail.
Additionally, if you get a spam text message informing you you’ve won a prize, delete it. If you haven’t entered a competition, you’re highly unlikely to have won a prize.