Although some change can be great, we’re not always thrilled when modifications are made to things we’ve become accustomed to expecting. It’s easy to get thrown off when your local supermarket relocates the produce section across the store, or when a go-to dish is removed from the menu at your favorite restaurant. And many of us just don’t want to deal with changes made to how things look or operate on our mobile devices. As a matter of fact, as many as 44% of Android users are running off older, somewhat outdated operating systems (OS), having chosen not to update their smartphones or tablets, sometimes for years. This is a decision that could easily leave them exposed to some vicious forms of malware.
Many smartphones and tablets run just like small computers, using an operating system to support and drive basic functions such as loading applications or notifications. And just as your home computer has regular updates installed to your Windows or Mac operating system, the OS on your mobile device is frequently updated as well.
However, according to an internal bulletin from the Department of Homeland Security and the FBI, almost half of Android users were reported to have failed to launch any OS updates since 2011. These users, who are running on OS versions 2.3.3 through 2.3.7 (commonly known as “Gingerbread”), are exposing themselves to security vulnerabilities that have been fixed in later versions.
Android users operating specifically on Gingerbread may be leaving their devices open to some nasty bugs, most notably text message Trojans (premium-rate messages sent from your phone without your knowledge), rootkits (malware that records your actions on your phone and sends it back to hackers), and other attacks stemming from fake Google Play sites. I previously wrote about the trouble with Trojans for Android in general, but text Trojans are a unique breed. By sending text messages to premium numbers against the phone owner’s knowledge, text Trojans can cause monthly phone bills to skyrocket for unsuspecting victims.
Many of these threats are built to hide their existence from normal forms of detection and can be difficult to identify. One other type malware common to Android devices tricks users into downloading a malicious app posing as a legitimate one on the Google Play website. Once downloaded, these apps can nab your sensitive information such as login credentials and financial data.
Androids run on an open-source platform, which allows any developer (innocent or malicious) to create custom software that is compatible across Android operating systems and devices. This, as the Department of Homeland Security and FBI pointed out, opens the door to any number of malware being created to specifically target the less secure Android operating systems. And then add in the fact that hackers have their sights set on Android users─who comprise 80% of the global market on mobile devices. This makes is even more critical for Android users to ensure you protect your devices.
With all of these security vulnerabilities floating around, how do you protect yourself? First and most importantly, keep your Android OS up to date. In order to update your operating system, go to the Settings app on your device. Select “About Phone” and then “Software Upgrade” or “Software Update.” Specific wording may vary from device to device, but it’s in this area of your phone that you’ll be able to initiate a manual update.
On top of that critical piece of smartphone housekeeping, here are a few concrete actions you can take to make sure your Android device isn’t commandeered by hackers:
- Always run updates when they’re recommended. To avoid missing the latest security updates, make it a habit to run OS upgrades as they’re launched. It’s likely your device will send you a notification when OS updates become available.
- Don’t download suspicious apps. As stated above, hackers are creating fake Google Play domains just to lure you into downloading malicious apps. Always be sure you’re browsing in the official Google Play store and if an app doesn’t look right, has numerous suspicious or negative reviews, or asks for more permission than it should need, hold off. If an app asks for permissions to access more data than it requires to perform its intended function, chances are it could contain some sort of malware.
- Check your phone bill for out-of-the-ordinary charges. It’s easy to miss a couple of dollars here and there, but charges from premium-rate texts can quickly pile up on you. Always scan your bill to make sure charges are warranted─if something looks fishy, call your service provider to report it.
- Protect all of your devices with comprehensive security. While updating your phone’s OS should work to keep your device secure, hackers are constantly battling for the upper hand when it comes to your sensitive mobile data. Safeguard your data, your identity, and your dollars with McAfee LiveSafe™. This service offers a safe search tool to warn you before you visit any risky sites, and a password manager for a single click login on any site across all of your devices—PC and mobile. If your computer already operates with security software, consider using McAfee® Mobile Security. It will not only scan your device for viruses and threats, but helps you identify apps that are accessing too much of your valuable data.