In most instances downloading an app to your device will be safe, providing the source is a reputable app store or at the request of a company you know and trust.
However, there is an increasing number of incidents being reported whereby downloading a software application from a third party has led to smartphones or tablets becoming infected with malicious software. This malware can then enable someone to take control of your device and give cyber-criminals access to your contacts, passwords, and financial accounts. It is therefore important to be aware of the dangers in order to prevent this from happening.
In order to help protect your computer and data, our advice is fairly straightforward – only download files, apps, and plugins from trusted sources.
How do you know it is a trusted source?
The two main app stores are the Apple App store for Apple devices and the Google Play Store for Android devices. Both of these providers have strict moderation policies in place that app developers have to pass in order for their software to be made available. So, it is unlikely that an app downloaded from either of these sources will contain a virus.
Higher risk sources
Apps that aren’t on the above app stores may not be moderated, but this does not mean that the app a trusted supplier suggests you download to help you work together more efficiently, won’t be safe. However, more caution should be taken to ensure what you are about to download, is a bonafide request and not an act of deceit.
What are the dangers?
The consequences of downloading a malicious application can include:
- Data theft: As soon as it is launched, the application can access data stored on the phone and send it to a third-party server. This information can then be sold, shared online, or used to extort money from the victim.
- Premium subscriptions without consent: The application registers users to a premium service without their consent. Users are charged without receiving the service and by the time they realize the problem, it is already too late.
- Advertising click fraud: The application uses a program to abuse banner ads, a technique that consumes hardware and software resources, and costs money to publishers and advertisers alike.
- Launch of an infected app: Under the guise of a legitimate application, the malware steals information, slows down, or even takes control of the phone. It can also use phone resources to mine cryptocurrencies or share an Internet connection.
- Spying: The application monitors activities on the phone, intercepts communications and geolocates the user in real-time.
- Rooting: Hackers managed to take full control of the phone remotely. They can send emails and messages impersonating the user, activate both camera and microphone, and access files stored locally and in the cloud.
Prevention
The first step is to educate your employees on the dangers of downloading apps and to have security protection and restrictions on devices to prevent unauthorised apps from being downloaded onto work devices. Employees should also be aware of the policies and procedures your company requires them to follow, in respect of IT security and data protection.
If you’re not sure about an app, don’t download it – and seek advice from your IT provider.