Android is the most popular consumer computing platform in the world, used across billions of phones, tablets, smart TVs and other connected devices. However, its popularity and distinctive structure – under which carriers and manufacturers may heavily modify it – make it a magnet for cyberattacks.
As an Android user, what can you do to stay safe? Let’s go through some of the most reliable steps you can take to reduce risk.
In July 2019, security researchers flagged an Android-specific ransomware strain that was typical of the types of threats that often compromise unsecured devices, in that it:
- Included links to malicious applications that were not scanned for vulnerabilities by the official Google Play store.
- Was delivered via SMS text messages, which are more prominent on Android than on iOS, due to the lack of an equivalent messaging platform to Apple iMessage.
- Resembled an advertisement, promising benefits such as free photo uploads or online sex simulation.
The good news is that this particular threat didn’t cause widespread harm, due to some intrinsic flaws limiting its efficacy. Still, it’s prudent to realize that such dangers exist. As an Android user, what can you do to stay safe? Let’s go through some of the most reliable steps you can take to reduce risk.
1. Keep everything (even the type of device you have) up-to-date
Outdated software has long been recognized as a major security liability, as it contains known vulnerabilities that malware can exploit. Just as risky, though, is outmoded hardware.
Every Android phone or tablet has a de facto expiration date, namely a point at which it can no longer receive the latest operating system or application updates. This type of obsolescence is often the result of its hardware capabilities no longer being sufficient to handle the requirements of cutting-edge software.
While there’s no hard and fast rule about when Android devices usually become obsolete, it’s prudent to think about upgrading if you haven’t done so for more than three years. That’s usually the timespan after which even flagship Pixel and Nexus devices from Google itself have fallen out of official support.
2. Don’t download anything from unofficial app stores
Unlike iOS, Android offers multiple sources from which to download software without having to sideload or go through a similarly complex procedure. Some of these storefronts, like ones maintained by device makers such as Samsung, are safe and can be used in conjunction with or as alternatives to the Google Play store.
Others, though, are more risky. If a storefront isn’t affiliated with Google or an original equipment manufacturer (i.e., the company that made the device), it should be avoided. Also, do not download software directly from a website. That’s what caused trouble for the victims of the ransomware strain discussed earlier.
Most of the time, you won’t have to take any action to stay safe from unofficial stores and unvetted apps. Android devices typically are set to accept software only from Google Play or a store like Samsung Galaxy Apps by default. Simply leave that setting alone to stay safe.
3. Install and run antivirus software
Among mobile operating systems, Android has a unique need for modern antivirus (AV) software. Its relatively open structure and fragmentation across different versions, devices and vendors means that there’s potentially many exploitable attack surfaces.
Solutions such as Total Defense Mobile Security provide real-time protection against the most common threats facing Android users. It also includes other features such as the option to lock or erase data on a lost or stolen device.