Here’s another high-risk internet behavior you might not be aware of: Downloading apps from unofficial sources. This isn’t much of a problem on Apple devices, because it’s hard/geeky to download something that’s not on the app store. Android (Google’s phone/tablet operating system) devices, however are pretty simple: Disable one setting and you can install an app from anywhere. (I’m not going to tell you what setting; If you need to know, you also know where to find it!)
The Google app store (“Play Store,” I hate that name!) does filter and remove malicious apps, though it may take longer than the Apple store, because the Apple store filters apps up front before they are ever released into the wild. You get no such protection when you install an app from somewhere else.
Now, in one of the larger data breaches to date, over one million (and counting) personal credentials have been compromised by a rogue Android app. The app has many names, but all have one thing in common: They are installed from a third-party, unofficial app store or source, possibly by links in spam emails. The malware steals Google credentials, thus compromising Gmail and all other Google services for that account. This malware is capable of taking complete control of an Android device, giving itself more permissions than even the legitimate user has. (Not that you’d notice; Malware operates best when it’s silent.)
The takeaway: Once again, now on mobile devices too, don’t click iffy links in emails, don’t fall for free apps that are usually paid apps, and don’t install apps from anything but the official store.
You can check to see if your Google account is breached by clicking the link below and typing in your Gmail address.
For even more empowering technology info, read my new book, “Deciphering the 21st Century,” Available now!
I’d love to hear your comments!