Antivirus has remained a very fashionable word for the past decade. If 15-20 years ago, the availability of additional protection was necessary, then times have changed, and modern operating systems have become largely self-sufficient in terms of security.
Recently, Android mobile OS has received very effective security improvements, including the built-in antivirus Google Play Protection. Therefore, a reasonable question arises: is it necessary to install a third-party antivirus or look for some free antivirus tools? Let’s try to understand.
How Is the Device Used?
Android is a vast ecosystem that has earned its reputation for relative openness compared to iOS. You can download apps and APK files from any source; you can configure root access on your device and install another Android-based system. The more actively you modify the system, the more likely it is to damage your device. You probably know the potential risks and take the necessary precautions.
For example, you need to be careful when downloading APK files from third-party sources, and not from the Google Play app store (to do this, you need to allow the installation of applications from unknown sources).
When you download APK from third-party sites, the built-in Android antivirus Google Play Protection can no longer help you. If you are not sure of the source of the application, you should consider installing antivirus for Android to provide additional protection.
Google Play Store is Not Completely Safe
Over the years, Android has become a fairly reliable OS. Along with a steady stream of additional improvements, in 2017, Google introduced the Play Protection security system, which uses machine learning technologies to scan the Google Play app store for malicious applications.
Google Play Protection can also analyze apps locally on your device. You can manually run the scan by going to Play Market > My Apps and Games > Updates and clicking the update icon at the top of the screen.
Play Protection is a great feature, but it does not guarantee absolute security. Sometimes it happens that some malicious applications remain in the store for six months. So, for example, last year on the site were found alarm clocks and scanners of QR codes that contained Trojan AsiaHitGroup – at that time, they managed to load several tens of thousands of users.
This Trojan ran a payload to gain full access to the device and control over the user’s personal data.
Earlier last year, researchers from Trend Micro found 36 fake antiviruses on Google Play that installed malware on devices, caused false warnings, and showed ads. These applications also tend to request an unreasonably large number of access permits to steal personal data.
It is also worth taking into account the speed and fragmentation of the Android update process. While devices on pure Android receive security updates immediately after release, it is known that manufacturers of some devices with modified versions of the system delay the release of patches for several days or even weeks.
What Should Be Done?
The easiest tip is don’t download apps unless you’re sure they’re safe and secure. Malware is the most serious threat to Android security, so you should always check its legitimacy before downloading it.
Try a little research:
- Has the application received the label “Editor’s Choice”?
- Has the application been created by an authoritative developer?
- Does the application have good ratings?
- What feedback do users leave about the app on Google Play and on forums on the Internet?
By adopting this approach, you will no longer feel the need to install a third-party antivirus for Android. However, if you still fear that you can download something malicious from a dubious source, then the Android antivirus application will help ensure security in this case.
In Case You Don’t Want to Install Antivirus
Fortunately, there are several ways to identify dangerous applications.
Researchers from RiskIQ analyzed more than 120 sites to distribute mobile applications around the world. They recommend that users pay attention to three main things when assessing the legitimacy of the application.
If your app’s permissions don’t match the features you’re announcing; you should be careful. Try answering the question yourself, does the app really need access to your phone calls, SMS messages, or billings to perform its functions?
Developers using free mail services
Malicious app developers also often use contact email addresses registered with free email services such as Hotmail, Gmail, and Yahoo.
Consumers are advised to ensure that the contact address is valid. For example, an application contact supposedly from a well-known brand will not use the firstname.lastname@example.org address.
Another cause for concern is the complete absence of a contact email address. A small search engine study based on the information provided and a critical evaluation of the results should be necessary before even thinking about downloading an unknown application.
Short and careless description
A large number of downloads and good reviews are not a guaranteed sign of a legitimate application. Good reviews can be forged or paid, and a large number of downloads can indicate a large number of victims of deception.
It is useful for users to look at the description of the application: poor grammar and meaningless exposure, on the one hand, may indicate poor language proficiency, but this is also one of the hallmarks of malicious mobile campaigns.
Threat developers monitor trends
Attackers are usually attracted to trending topics – popular applications and games, upcoming holidays, and important dates. For example, in August and September, the topic of “back to school” is actively developing – cybercriminals will also not pass by.
When the researchers used the “back to school” query, they found 9,343 applications on the analyzed sites. Of these, 1,182 applications (12.7%) turned out to be malicious. At the same time, 333 dangerous applications were in the Google Play app store, despite increased security measures.
The fact that thousands of malicious applications are present in popular stores such as Google Play shows that consumers have to rely only on themselves to determine the security of an individual application.