After starting life as interesting novelties, apps have become useful, enjoyable, and in some instances, crucial components in our daily lives. Handsets will regularly be bought on the strength of their OS and the variety of their application store, as iOS, Android, BlackBerry and Windows Phone jostle for position. However, recent data from McAfee has exposed the dangers of downloading free apps, especially when using the Android operating system. Could Google’s open nature be its eventual downfall, given its susceptibility to attacks?
The internet security company’s consumer trends report for June reveals the extent to which cybercriminals are accessing the details of those using smartphones running the Google-developed operating system – the OS with the largest market share in the UK, accounting for almost six out of 10 smartphone users.
The report found that the Ice Cream Sandwich (4.0) version of the software, accounting for more than a quarter of Android users, was more likely to be affected, with games and personalisation apps regularly targeted. Several of the apps have collected account information, activity statuses, and even GPS location, prompting scrutiny on the open nature of the software.
Raj Samani, chief technical officer at McAfee, said a lack of consumer awareness is a crucial component in aiding this surge. He said: ‘The mobile platform presents a new venture for cybercriminals, which is why Android malware is going up. Smartphones have more functionality than PCs or laptops, so there are more things to target. It is also difficult for people to determine how risky an app is.
‘We carried out a recent poll in central London where we asked 30 people about their knowledge of malware harming mobile phones. Not one person of the 30 was aware or worried about the threat. People don’t believe you can get viruses on mobile phones.’
Samani revealed the ease in which this type of fraud is committed – labelling it ‘child’s play’. One can purchase specific malware and Trojan viruses on the internet – ‘you don’t need to be a genius, you don’t even need a computer. All you need is a debit card,’ he said.
So, why is there a lack of knowledge among users? Customers are obviously not being offered relevant information at point of sale or online, so this may represent a challenge in terms of tailoring aftercare when selling Android products – an important process for retailers and operators. But operator sources told Mobile they felt the responsibility for education and improvement lies solely with Google.
A Google spokesperson explained that a new automated screening service for apps has been incorporated in Google Play, which provides protection against ‘potentially malicious software without disrupting the user experience’. Google can also be used as an application verifier with the Jelly Bean (4.2) version of the software. McAfee said Jelly Bean improves the problem without completely eradicating it.
Does this represent an opportunity for rivals and could it pose a significant threat to Android’s 56.6% hold of the market? Its closest competitor, Apple, can offer a genuinely secure service to their customers in terms of internet use and apps. Unlike its rival, the American company vigorously vets all apps before they are made available in the App Store, and although this may be time consuming, it protects stringently against malware and viruses.
Despite a flagging reputation, BlackBerry built up a name as a bastion of security, and it was on these principles of protection that it became the original smartphone for business people. The company’s stock may have dropped in recent times, but it can offer a more secure service than Android. Windows Phone is also making progress in the market, combining a user-friendly system with a growing application store (recently achieving 100,000 apps), and as a result gaining a larger market share. It appears, though, that Google could come out of this relatively unscathed,
Neil Mawston, industry analyst at Strategy Analytics, said only around 10% of Android users, the most tech-savvy, would have any knowledge of malware. He said: ‘Even if it creeps into wider public consciousness it will only take a bit of the shine off Android as it is such a strong brand. When you have something that covers 70% of the global market it naturally becomes an attractive target for the bad guys. It is just something the business will have to live with, and Google will have to ensure it stays one step ahead.’
THREATS TO YOU
Invasive malware is being installed through app permission abuse, and UK consumers are being hit by a two-pronged attack:
Bogus texts After installing a free app, users are tricked into sending a premium rate message to ‘activate’ it. McAfee also found malware that sent free app installers seven messages at the cost of $4 (£2.60) each.
Fake ratings: Users are offered the chance to remove ads from their app, but instead they are unknowingly giving it a five-star rating, making the app more appealing for unsuspecting victims.