At some point in the past you resigned yourself to the notion that antivirus software was a necessity for all PCs and laptops. But for some reason, the same principles don’t seem to apply when it comes to phones.
You might have a PIN code or a fingerprint registered to prevent someone from unlocking your phone without your permission, but beyond that you rely entirely on whatever security developers have put into the operating system and apps.
If you have an Android phone in particular, you should seriously consider installing a security app. According to McAfee’s latest threat report, 2020 is looking like the year of mobile sneak attacks.
What that means is that malware is going to hide away on your phone, spy on you and collect personal data without you knowing. Selling this information makes money for the criminals and you’re none the wiser.
Hidden Android apps
Such apps are finding innovative ways to stay hidden, such as having no icon or name, so you don’t see them in your app drawer or even in the list of apps in Settings.
Worse, apps such as LeifAccess and Shopper use accessibility features in Android to create accounts, post fake reviews of products and download other apps. They typically show fake security warnings which trick you into giving them accessibility permissions.
Annoying adverts
Some of this malware displays adverts on your phone, and for each one, the advertiser pays a small amount of money to the developer of the malware.
In the past, they’d display as many of these as quickly as possible to make money before you got annoyed and decided to track down and remove the app.
Now, the malicious apps are becoming more sophisticated and reducing the frequency of ads and other fraudulent behaviour in the hope you won’t really notice or get so annoyed you remove them.
What phone security do I need?
As ever, much of the best security advice is common sense. When you install apps, only do it from the official app store on your phone. (At the same time, watch out for fake reviews of apps. Repetitive phrases and only 5-star ratings are typical giveaways.)
Google Play Protect helps to ensure that the apps you install from the Play Store don’t contain any malware.
But as that’s not a cast-iron guarantee, you should also consider installing an antivirus app.
However, dodgy apps aren’t your only worry. It’s just as easy to fall for phishing scams on your phone as on a laptop or PC.
So be vigilant and don’t tap on links in emails unless you’re certain the source of the email is legitimate. And even then, don’t blindly enter your login details on websites without checking they are the genuine article.
This is another way mobile security can help, warning you of unsecure sites, or those which are known to be dangerous for some reason.
It’s also worth watching out for any unusual requests to install certificates to “enable new features” – they might actually be spying on you.
Monitor your email and passwords
ID monitoring services have popped up in the last few years and alert you if your details are ever included in a breach where an online service is hacked.
It happens too regularly, and if you use the same email address and password for lots of websites, then you’re opening yourself up to unnecessary risks.
Some security software now includes ID monitoring – including Norton 360 Deluxe (but not in the UK) and McAfee Total Protection. You can also sign up to dedicated services such as Identity Guard.
Some free services exist which you have to check manually, including haveibeenpwned.com.
If the thought of having to use unique passwords for each website is too much, then get a password manager which will remember them (and enter them) for you, such as LastPass or 1Password, the latter of which integrates with Have I Been Pwned.
Author: Jim Martin, Executive Editor
Jim has been testing and reviewing products for over 20 years. His main beats include VPN services and antivirus. He also covers smart home tech, mesh Wi-Fi and electric bikes.