5 ways in which native apps can harm you & your device

Native apps are extremely easy to install  & use by even lay people but even the most experienced users can fall prey to evil apps

This list from a Google blog post explains how they can be harmful:

“Potentially Harmful Applications,” or PHAs, are Android applications that could harm you or your device, or do something unintended with the data on your device. Some examples of PHA badness include:

  1. Backdoors: Apps that let hackers control your device, giving them unauthorized access to your data.
  2. Billing fraud: Apps that charge you in an intentionally misleading way, like premium SMS scams or call scams.
  3. Spyware: Apps that collect personal information from your device without consent
  4. Hostile Downloads: Apps that download harmful programs, often through bundling with another program
  5. Trojan Apps: Apps that appear benign (e.g., a game that claims only to be a game) but actually perform undesirable actions.

Just because the app has been downloaded from Google Play store doesn't guarantee that it is safe. This statement from a blog post on the Google Security blog, doesn't inspire confidence -
We continued to make it even more difficult to get PHAs into Google Play. Last year’s enhancements reduced the probability of installing a PHA from Google Play by over 40% compared to 2014.

Android isn't the same on all devices. If you're running a lower version of a mobile operating system like Android, it is possible that it doesn't have the security enhancements to counter the latest vulnerabilities.

Precautions you can take to prevent damage:

  • Considering these risks, it may be better to opt for web apps that run in a browser (in an isolated sandbox mode) where available for the services you use 
  • Choose native apps that are downloaded by tens of thousands of users in the hope that any harmful behavior will be identified and reported by the vigilant among those
  • Check if Verify Apps is enabled on your Android device, and stay clear from harmful apps by only installing from a trusted source.Verify Apps is a cloud-based service that proactively checks every application prior to install to determine if the application is potentially harmful, and subsequently rechecks devices regularly to help ensure they’re safe. If Verify Apps detects a PHA before you install it on your device, it will prompt you to remove the app immediately. To enable Verify Apps,  go to Google Settings and then select Security. Under "Verify apps," tap Scan device for security threats. Note that on some devices, you may find 2 separate Settings icons: Settings & Google Settings. Verify Apps in under the Google Settings app

Comments