How to Protect Yourself from Android Phishing Attacks
Everyone knows to watch out for phishing attacks on their home computers. But, many people don’t realize that they are also vulnerable to phishing when using an Android phone. Svpeng, a malware infection that got onto as many as 350,000 Android devices last year, targeted users in a number of ways.
The program, which attacked upon opening Google Play, would steal banking credentials by opening and additional browser window asking for credit card information. The program also worked as ransomware, locking users phones and demanding $200 payments via Green Dot MoneyPak cards to unlock the device.
While the creators of Svpeng are being prosecuted, they are just one of many hazards out there for Android users. To keep yourself safe, we recommend:
- Stick to well-known and legitimate app stores. Generally, using Google Play, Amazon’s app store and your phone manufacturer’s sites are safe. Read reviews before downloading to see if others report problems.
- Enable scanning on your phone. Almost all Android devices come with this setting enabled. To ensure that your phone scans apps for viruses, check your security settings to verify that scanning is indeed on.
- Install system updates. Google, your phone manufacturer and your carrier are constantly releasing updates that can make your phone more secure. Keep your phone up-to-date to avoid vulnerabilities that exist in earlier builds.
- Use common sense. If you’ve already entered your payment information into your Google Play account, there is no reason you need to enter it again to buy a new app. If you are not sure whether an app should be asking for financial information, err on the side of caution.
- Consider an anti-virus program. If you tend to download new apps or ones from unusual markets, put some protection in place first.
Attempts to steal your personal information are a fact of life in the digital age. But, with some common sense and some caution, you can keep your identity safe and avoid the hassles of a malware attack.