All it takes is one suspicious or malicious Android app installed on your device for it to put your data and security at risk. If you’ve found a suspicious app and you want to report it to Google, here’s how to do it.
Before you start, remember that most Android malware doesn’t come with a warning banner. Knowing how to avoid malware on Android in the first place is your best form of defense. You can start by only installing apps from the Google Play store.
If you need to install apps outside of the Play Store, you should be absolutely certain you trust the source before you sideload them onto your device. Third-party app stores like the Amazon Appstore might prove to be better to use than sites offering you APK file downloads directly.
Don’t take for granted that every app in the Google Play Store is safe to use, though. Suspicious apps will fall through the cracks from time to time. Thankfully, Google offers users a way to report apps that you feel are suspicious for review.
Report Suspicious Android Apps from Your Device
The easiest method for reporting an app as suspicious is to report it through the Google Play Store on your device. Open the Play Store app and search for the suspicious app.
In the top-right section of the app listing, you’ll see the three-dot menu button. Tap this and click “Flag as Inappropriate.”
You’ll have a list of seven categories for your complaint, from sexual content to impersonation. Choose the reason that best suits your complaint. If you’re reporting an app for malware, for instance, choose “Harmful to Device or Data.”
If the option for “Harmful to Device or Data” isn’t available, or it doesn’t fit your choice, select another reason. If none of the reasons match, choose “Other Objection” at the bottom of the list.
Once you’re done, select “Submit.”
You aren’t able to add any comments to your complaint if you’re reporting it through the Google Play Store. If you want to go into further detail or add supporting evidence, it’s best to make your complaint online.
Use the Google Play Store Help Center Website
Google has a specific report form for users to report apps online, available via the Google Play Store Help Center website. This method is useful if you don’t have your device on hand or if, as previously mentioned, you need to go into extra detail about your complaint.
Open the Help Center website, scroll to “Help by Product Type,” and click “Google Play Store.”
Under “Fix an Issue,” click “Report Content Issues or Violations.”
On this page, scroll to “Computer” and, under “Flag Apps, Games, or Music as Inappropriate,” click the link for the “Report Inappropriate Apps Form.”
The form is fairly straightforward, with options to report apps for reasons including sexual or graphic content, spam, illegal activities, and more. As you would if you were reporting through the Google Play Store directly, you’ll need to select the reason for reporting the app.
If you think your app has malware included, select the “Harmful to Device or Data” option. You can also choose to select “Other Objection” if you feel the other categories are too narrow for your complaint.
Where the form requests it, provide a brief explanation as to why you’re reporting the app, providing as much detail as possible. If the app is still available for download, find the web URL for it on the Google Play Store website and provide it.
Confirm your name and email address and click “Submit” to finish.
Whether you choose to report an app through the Google Play Store on your device or through the Help Center, your report will be sent to Google for review and analysis.
Once that review takes place, if Google believes your complaint has merit, the app will then be removed from the Google Play Store.
A single suspicious or malicious Android application installed on your device is enough to put your data and your security at risk. If you found a suspicious application and want to report it to Google, here’s how.
Before you begin, remember that most Android malware is not accompanied by a warning banner. Knowledge how to avoid malware on Android in the first place is your best form of defense. You can start by installing only apps from the Google Play store.
If you need to install apps outside of the Play Store, you must be absolutely sure to trust the source before you load them laterally on your device. Third-party app stores like the Amazon Appstore could be better to use than sites offering direct downloads of APKs.
Do not assume that every Google Play app is safe to use, however. Suspicious applications go from time to time between the cracks. Fortunately, Google offers users a way to report apps that you think are suspicious.
Report suspicious Android apps from your device
The simplest way to report an app as suspicious is to report it via the Google Play Store on your device. Open the Play Store app and look for the suspicious application.
In the top right section of the application list, you will see the three-point menu button. Touch this and click “Report as inappropriate”.
You will have a list of seven categories for your complaint, from sexual content to impersonation. Choose the reason that best suits your complaint. For example, if you are reporting an application against a malicious program, choose “Harmful to Device or Data”.
If the option “Harmful to the device or data” is not available or if it does not suit you, select another reason. If none of the reasons match, choose “Other objection” at the bottom of the list.
Once you are done, select “Submit”.
You can not add comments to your complaint if you report it via Google Play Store. If you want to go into the details or add evidence, it is best to file your complaint online.
Use the Google Play Store Help Center website
Google has a specific report form allows users to report online applications, available via the Google Play Store Help Center website. This method is useful if you do not have your device on hand or if, as previously stated, you need to go into the details of your complaint.
Open the Help Center, scroll down to “Help by Product Type” and click on “Google Play Store”.
Under “Fix a problem,” click “Report content issues or violations.”
On this page, scroll down to “Computer,” and under “Report apps, games, or music inappropriately,” click the link for the “Report inappropriate apps” form.
The form is fairly simple, with options for reporting apps for reasons such as sexual or graphic content, spam, illegal activities, etc. As you would if you reported directly through the Google Play Store, you must select the reason for the reporting of the application.
If you suspect that your application contains malware, select the “Harmful to Device or Data” option. You can also choose to select “Other objection” if you feel that the other categories are too restrictive for your complaint.
When the form asks for it, briefly explain why you are reporting the application, providing as much detail as possible. If the application is still available for download, look for its Web URL on the Google Play Store website and provide it.
Confirm your name and email address and click “Submit” to finish.
Whether you choose to report an app through Google Play Store on your device or through the Help Center, your report will be sent to Google for review and analysis.
Once this review is done, if Google believes your complaint is true, then the app will be removed from the Google Play Store.
Everyone believes the Android platform is more secure compared to other mobile platforms such as Windows Phone or Symbian. However, hackers can still find their way to penetrate a platform’s sturdy wall.
Recently, a Trojan horse virus, which appeared as “harmless media player,” was discovered by a group of developers. Phones infected with this virus started sending spam messages to other mobile phone users. The DroidDream malware also hit a number of apps in the Android Market. These malware programs or viruses bring devastating effects, such as recording phone calls, stealing information, accessing confidential information, and making unauthorized purchases through your account. The apps on the Android Market are not exempted from these threats. Users need to be more vigilant in downloading apps from the Market.
The war against online threats is still marching on. The Google team is trying its best to keep everyone safe and keep the Android Market clean from these online threats. The team has been suspending suspicious apps and has been banning developers who spread spyware on the market. Google has also laid down strict guidelines that only allow apps which meet their current standards.
Aside from using it as a tool for entertainment and fun, your Android phone is like your overall assistant who can aid you in your daily tasks. It can also be your pocket-size vault that keeps your personal data secure from prying eyes. You, therefore, have the responsibility to protect your phone and take your part in the battle against online threats.
Reporting Suspicious Apps
If you have used a suspicious app or found a potentially malicious app in the Android Market, the best thing you can do is to report your findings to Android Market’s support team. In doing so, you will not only be protecting your phone, but other phone users as well.
To do that you can click here to submit a report or to go to Android Market > Help Articles > Contacting Support, and from there choose Report Inappropriate Apps. This will lead you to Google’s report form that requires you to type in the following information:
- Name
- Email address
- Application name
- Developer’s name
- Link to application on the Android Market
- Reasons for flagging
- Brief explanation for flagging the app
Once done, click “Submit” to save your form to Google’s database. The team will then assess your complaint and check the suspicious app. You can also flag apps which have sexual scenes or contain too much violence for the eyes of young Android phone users.
Have you taken your part in making the Android Market safe from online threats?
All it takes is one suspicious or malicious Android app put in in your instrument for it to place your knowledge and safety in danger. For those who’ve discovered a suspicious app and you need to file it to Google, right here’s easy methods to do it.
Sooner than you get started, keep in mind that maximum Android malware doesn’t include a caution banner. Figuring out easy methods to steer clear of malware on Android within the first position is your very best type of protection. You’ll be able to get started through most effective putting in apps from the Google Play retailer.
If you want to put in apps out of doors of the Play Retailer, you will have to be completely sure you believe the supply sooner than you sideload them onto your instrument. 3rd-party app shops just like the Amazon Appstore may end up to be higher to make use of than websites providing you APK record downloads without delay.
Don’t take with no consideration that each and every app within the Google Play Retailer is protected to make use of, regardless that. Suspicious apps will fall throughout the cracks every so often. Fortunately, Google provides customers a method to file apps that you’re feeling are suspicious for assessment.
Record Suspicious Android Apps from Your Instrument
The perfect way for reporting an app as suspicious is to file it throughout the Google Play Retailer in your instrument. Open the Play Retailer app and seek for the suspicious app.
Within the top-right segment of the app list, you’ll see the three-dot menu button. Faucet this and click on “Flag as Beside the point.”
You’ll have a listing of 7 classes to your criticism, from sexual content material to impersonation. Select the rationale that most closely fits your criticism. For those who’re reporting an app for malware, for example, make a selection “Damaging to Instrument or Knowledge.”
If the choice for “Damaging to Instrument or Knowledge” isn’t to be had, or it doesn’t suit your selection, make a choice one more reason. If not one of the causes fit, make a selection “Different Objection” on the backside of the checklist.
When you’re carried out, make a choice “Publish.”
You aren’t ready so as to add any feedback in your criticism in the event you’re reporting it throughout the Google Play Retailer. If you wish to pass into additional element or upload supporting proof, it’s very best to make your criticism on-line.
Use the Google Play Retailer Assist Middle Site
Google has a selected file shape for customers to file apps on-line, to be had by way of the Google Play Retailer Assist Middle web page. This technique comes in handy in the event you don’t have your instrument readily available or if, as up to now discussed, you want to enter further element about your criticism.
Open the Assist Middle web page, scroll to “Assist through Product Kind,” and click on “Google Play Retailer.”
Below “Repair an Factor,” click on “Record Content material Problems or Violations.”
In this web page, scroll to “Pc” and, underneath “Flag Apps, Video games, or Tune as Beside the point,” click on the hyperlink for the “Record Beside the point Apps Shape.”
The shape is rather simple, with choices to file apps for causes together with sexual or graphic content material, junk mail, unlawful actions, and extra. As you could possibly in the event you had been reporting throughout the Google Play Retailer without delay, you’ll want to make a choice the cause of reporting the app.
For those who suppose your app has malware integrated, make a choice the “Damaging to Instrument or Knowledge” possibility. You’ll be able to additionally make a selection to make a choice “Different Objection” if you’re feeling the opposite classes are too slim to your criticism.
The place the shape requests it, supply a short lived clarification as to why you’re reporting the app, offering as a lot element as conceivable. If the app remains to be to be had for obtain, in finding the internet URL for it at the Google Play Retailer web page and supply it.
Ascertain your title and e-mail cope with and click on “Publish” to complete.
Whether or not you select to file an app throughout the Google Play Retailer in your instrument or throughout the Assist Middle, your file might be despatched to Google for assessment and research.
As soon as that assessment takes position, if Google believes your criticism has benefit, the app will then be got rid of from the Google Play Retailer.
@bsovvy
September 23, 2019, 11:23am EDT
All it takes is one suspicious or malicious Android app installed on your device for it to put your data and security at risk. If you’ve found a suspicious app and you want to report it to Google, here’s how to do it.
Before you start, remember that most Android malware doesn’t come with a warning banner. Knowing how to avoid malware on Android in the first place is your best form of defense. You can start by only installing apps from the Google Play store.
If you need to install apps outside of the Play Store, you should be absolutely certain you trust the source before you sideload them onto your device. Third-party app stores like the Amazon Appstore might prove to be better to use than sites offering you APK file downloads directly.
Don’t take for granted that every app in the Google Play Store is safe to use, though. Suspicious apps will fall through the cracks from time to time. Thankfully, Google offers users a way to report apps that you feel are suspicious for review.
Report Suspicious Android Apps from Your Device
The easiest method for reporting an app as suspicious is to report it through the Google Play Store on your device. Open the Play Store app and search for the suspicious app.
In the top-right section of the app listing, you’ll see the three-dot menu button. Tap this and click “Flag as Inappropriate.”
You’ll have a list of seven categories for your complaint, from sexual content to impersonation. Choose the reason that best suits your complaint. If you’re reporting an app for malware, for instance, choose “Harmful to Device or Data.”
If the option for “Harmful to Device or Data” isn’t available, or it doesn’t fit your choice, select another reason. If none of the reasons match, choose “Other Objection” at the bottom of the list.
Once you’re done, select “Submit.”
You aren’t able to add any comments to your complaint if you’re reporting it through the Google Play Store. If you want to go into further detail or add supporting evidence, it’s best to make your complaint online.
Use the Google Play Store Help Center Website
Google has a specific report form for users to report apps online, available via the Google Play Store Help Center website. This method is useful if you don’t have your device on hand or if, as previously mentioned, you need to go into extra detail about your complaint.
Open the Help Center website, scroll to “Help by Product Type,” and click “Google Play Store.”
Under “Fix an Issue,” click “Report Content Issues or Violations.”
On this page, scroll to “Computer” and, under “Flag Apps, Games, or Music as Inappropriate,” click the link for the “Report Inappropriate Apps Form.”
The form is fairly straightforward, with options to report apps for reasons including sexual or graphic content, spam, illegal activities, and more. As you would if you were reporting through the Google Play Store directly, you’ll need to select the reason for reporting the app.
If you think your app has malware included, select the “Harmful to Device or Data” option. You can also choose to select “Other Objection” if you feel the other categories are too narrow for your complaint.
Where the form requests it, provide a brief explanation as to why you’re reporting the app, providing as much detail as possible. If the app is still available for download, find the web URL for it on the Google Play Store website and provide it.
Confirm your name and email address and click “Submit” to finish.
Whether you choose to report an app through the Google Play Store on your device or through the Help Center, your report will be sent to Google for review and analysis.
Once that review takes place, if Google believes your complaint has merit, the app will then be removed from the Google Play Store.
Share this page
- Linked-In
- Spam Text Messages and Phishing
- What to Do About Spam Text Messages
- How to Report Spam Text Messages
Spam Text Messages and Phishing
Scammers send fake text messages to trick you into giving them your personal information – things like your password, account number, or Social Security number. If they get that information, they could gain access to your email, bank, or other accounts. Or they could sell your information to other scammers.
The scammers use a variety of ever-changing stories to try to rope you in. They may
- promise free prizes, gift cards or coupons
- offer you a low or no interest credit card
- promise to help you pay off your student loans
Scammers also send fake messages that say they have some information about your account or a transaction. The scammers may
- say they’ve noticed some suspicious activity on your account
- claim there’s a problem with your payment information
- send you a fake invoice and tell you to contact them if you didn’t authorize the purchase
- send you a fake package delivery notification
The messages might ask you to give some personal information — like how much money you make, how much you owe, or your bank account, credit card, or Social Security number — to claim your gift or pursue the offer. Or they may tell you to click on a link to learn more about the issue. Some links may take you to a spoofed website that looks real but isn’t. If you log in, the scammers can then steal your user name and password.
Other messages may install harmful malware on your phone that steals your personal information without you realizing it.
What to Do About Spam Text Messages
If you get a text message that you weren’t expecting and it asks you to give some personal information, don’t click on any links. Legitimate companies won’t ask for information about your account by text.
If you think the message might be real, contact the company using a phone number or website you know is real. Not the information in the text message.
There are many ways you can filter unwanted text messages or stop them before they reach you.
On your phone
Your phone may have an option to filter and block messages from unknown senders or spam. Here’s how to filter and block messages on an iPhone and how to block a phone number on an Android phone.
Through your wireless provider
Your wireless provider may have a tool or service that lets you block calls and text messages. Check ctia.org, a website for the wireless industry, to learn about the options from different providers.
With a call-blocking app
Some call-blocking apps also let you block unwanted text messages. Go to ctia.org for a list of call-blocking apps for Android, BlackBerry, Apple, and Windows phones.
You can also search for apps online. Check out the features, user ratings, and expert reviews.
How to Report Spam Text Messages
If you get an unwanted text message, there are three ways to report it:
Share:
- Click to share on Twitter (Opens in new window)
- Click to share on Facebook (Opens in new window)
- Click to share on Pinterest (Opens in new window)
Considering the laundry list of calamities in 2020, it might come as no surprise that malicious apps and scams are on the rise. If Android is your platform of choice, now is the time to make sure your device is protected and you are not at risk of having your data and finances compromised.
We always recommend only downloading apps from the Google Play Store, as third-party app stores are not as secure. But, sometimes malicious apps will even make their way into official app stores. Tap or click here for a recent list of 30 apps infecting Android devices.
In 2020, there are more malicious apps available for download than there were last year, and fraudulent mobile transactions are on the rise, but what should you look out for and how do you check your device for troublesome apps? Read on to learn exactly how to protect your device and what you’re protecting your device from!
Malicious Android apps and mobile scams are on the rise
According to a report by Upstream, there were more than 29,000 malicious Android apps in Q1 of 2020 as compared to the 14,500 malicious apps identified in the same quarter of the previous year. The first quarter of 2020 also saw a massive 55% spike in fraudulent mobile transactions as compared to the same time period in 2019.
What this means is there are more dangerous downloads out there than ever. If you’re unlucky enough to install one of these applications, your device could slow down, personal data could be compromised, and in extreme cases, even your credit cards and banking information could be accessed without your consent.
Tech news that matters to you, daily
Privacy, security, the latest trends and the info you need to live your best digital life.
Many of these dangerous apps aren’t just malicious behind the scenes and can attempt to trick and/or scam less experienced users into spending money unnecessarily. In this sense, children and older family members can be particularly at risk, and if they happen to use your phone, you could be at risk too.
How to protect yourself from malicious Android software
It’s not all doom and gloom when it comes to securing your Android device, though, because keeping yourself safe in the digital world is easy on Android. As you go about your day and use your device normally, simply keep in mind these two things:
- Watch out for suspicious attachments and files sent to you, especially if they’re coming from a person or address you don’t recognize.
- When downloading apps from the Google Play Store don’t assume they’re safe because it’s on the store. Be sure to read reviews and if you are at all concerned about the app’s safety, don’t download it. It’s always better to be safe than sorry.
If you follow these best practices and make sure anybody that uses your Android does as well, it’s likely you’ll be able to avoid infection. But how can you be sure your device is secure right now, and what happens when you can’t tell if a file or application is safe to download?
An antivirus app on your Android device is the answer to all of these concerns. Fortunately, there are a large number of antivirus apps available that range in price and offer different kinds of mobile protection, and most popular applications will get the job done and keep your device safe.
Want to be sure you download the antivirus app that’s right for you? Tap or click here to see the top 5 Android antivirus apps.
Once you’ve installed an antivirus application from the Google Play Store, like the popular and free Avast Antivirus, there’s usually nothing more you’ll have to do, as your new antivirus software will likely automatically scan your device and protect it from future intrusion. But if peace of mind is what you’re after, manually scanning your device is easy:
- From the Google Play Store, download and install the antivirus application of your choice.
- Once the installation is complete, launch the app and manually start a scan yourself.
- With antivirus software like Avast, this is done automatically, but the app also offers easy access to scan your device whenever you’d like for all kinds of malicious software.
- Automatic scanning, depending on your device and your application of choice, will only happen so often, so if you’re ever concerned about your device’s security, a pre-preemptive scan is always a good idea.
What happens if you are careful with what you download and your antivirus software detects something sinister, like a virus? Tap or click here for signs your Android has a virus and what to do about it.
As the stories keep coming about malicious apps finding their way onto Google’s Play Store, one serious concern is the increasingly sophisticated efforts made by those apps to hide their intent from users. Well, the latest report from the team at Sophos has found 15 harmful apps that have gone a stage further—literally “hiding their app icons in the launcher. or disguising themselves in the phone’s App settings page.”
Put simply, apps have been found that trick users into installing them to perform a trivial service. The app disappears from view, but it is actually running, disguised under a system name, making it impossible to detect and stop without effort. Users are urged to specifically root these apps out, stop them, then delete them completely.
If the apps aren’t seen, then they won’t trigger user concerns and they become much more difficult to casually delete without making the effort to find them. That’s the theory. But now those apps have been exposed. Users have been warned.
Yet again, these latest apps join the countless others delivering adware—generating fraudulent revenue for their operators. Let’s be clear, free apps that deliver ads in their unpaid versions might be irritating, but they’re not necessarily fraudulent. But here we are talking about apps designed to deliver ads—it’s their sole purpose. It is the direct opposite of free apps, the ads are the focus, the app itself a wraparound.
The 15 apps discovered and disclosed by Sophos have been installed on more than 1.3 million devices—that’s a lot of ads, a lot of fraudulent revenue. And this is likely the tip of the iceberg for this new “icon hiding” threat category. “If history is any indication,” Sophos warns, “there are likely many more waiting to be found.”
Exclusive: Israeli Surveillance Companies Are Siphoning Masses Of Location Data From Smartphone Apps
Microsoft Updates Edge With This Game-Changing New Feature To Beat Chrome
iOS 14.3: Brilliant New iPhone Privacy Feature Will Arrive Any Minute Now
The “dirty tricks” pulled off by these apps include various ruses to hide away—either on install or shortly afterward, and installing two apps at once—a benign app that is visible as per normal, and a malicious app that remains hidden. Most phones these days have a wide range of legacy and unused apps—we don’t notice what’s there and how many of us ever purge our devices? That’s the social engineering taking place here—if the app can hide initially, it will likely hang around for some time.
“Nine of the 15 apps used deceptive application icons and names, most of which appeared to have been chosen because they might plausibly resemble an innocuous system app,” Sophos explained. But they cannot hide completely if you know what you’re looking for—and Android users are urged to check their phones for these apps—and if you find them, delete them. “The app icon is still visible in the phone’s ‘gear’ Settings menu, under Apps.”
Here are the 15 apps exposed by Sophos—you’ll notice the poor reviews, often a sign that an app of this kind is best avoided.
As so often with adware apps, most are designed around trivial utilities—QR readers and image editors, for example. “Most ironically,” Sophos reports, one of the malicious apps is designed “to scrub your phone of private data.” You couldn’t make this up. The mindset to download an app of unknown provenance for such a delicate purpose we won’t get into—the warnings here basically go without saying.
Once installed, the apps use innocuous names to ensure they don’t trigger suspicions. And, arguably, the most worrying finding is that all 15 apps appeared this year—that means there are still gaping holes in Play Store security and there are adware factories churning out such apps and pushing them into the public domain. Sophos believes that similarities in coding structure and user interfaces suggests this batch of apps might all be related, despite appearing to come from different publishers.
Sophos says that Google was notified about the apps and they seem to have been removed—the underlying threat and coding techniques will remain in other as yet unidentified apps in the store and the myriad apps likely still to come.
The package names of the 15 apps are here:
Andrew Brandt, a principal researcher at Sophos, warns that “while these apps have been removed from the Google Play Store, there may be others we haven’t yet discovered that do the same thing.”
Brandt also explains that if uses suspect an app might be hiding, or to check against the published list, “tap Settings, then Apps & Notifications. The most recently opened apps appear in a list at the top of this page. If any of those apps use the generic Android icon (which looks like a little greenish-blue Android silhouette) and have generic-sounding names (‘Back Up,’ ‘Update,’ ‘Time Zone Service’) tap the generic icon and then tap ‘Force Stop’ followed by ‘Uninstall’.” Real system apps won’t offer an ‘uninstall’ option but will have a ‘disable’ option instead.
Ultimately, the usual advice applies here. Don’t download trivial utility apps because they seem nifty and free—they’re free for a reason. Even if the downside is simply unwanted ads, the fact is that malicious apps can often be hiding more dangers than that. Given how much private information we carry on our devices, don’t casually leave the backdoor open to anyone with a shiny app and a free install.
@chrisbhoffman
Updated May 12, 2014, 3:37pm EDT
Yes, some Android apps can be malicious — Apple, Microsoft, and the media seem happy to remind us about this. Take a few basic precautions and you can avoid these potentially dangerous apps.
Google doesn’t manually approve apps like Apple does, but they do scan apps in the Google Play Store for malware. Permissions, reviews, and other reputation information can also tell us a lot.
It’s Not In the Play Store
Android allows you to install apps from outside the Google Play Store thanks to sideloading. This extra freedom allows for more choice — like the ability to install apps from the Amazon App Store, if you prefer — but it also opens up extra risks. Just like on Windows, Mac OS X, or Linux, you can get software from anywhere on the web and install it. And, also like on desktop operating systems, people can write malicious apps and distribute them via the web.
As we mentioned in our overview of whether Android antivirus apps are worth using, most malicious Android apps come from outside the Google Play Store. If you download a pirated app from a shady website, you shouldn’t be surprised if it brings malware onto your system.
Google doesn’t vet applications before they appear on the Play Store, but they do perform automated scans to see if apps are malicious. If an app you install from the Play Store is later discovered to be malicious, it can be remotely removed from your device. Attackers will try to distribute dangerous apps outside the store so they can get around this protection.
Android does now offer to scan apps for malware when you install them from outside the Play Store, but — like any antivirus solution — this isn’t perfect. If an app isn’t available on the Play Store, that’s a warning sign and you shouldn’t install the app unless you have good reason to do so. If you do install an app from outside the Play Store, be sure to allow your device to scan it for malware when you’re prompted. Leave the Verify apps setting enabled to have Android perform regular scans for malicious apps. If Android warns you about an app, uninstall it.
Its Permissions Don’t Make Sense
Some apps request too many permissions. For example, if a simple flashlight application requires permission to read your address book, access your location, and connect to the Internet, this is awfully suspicious. The app could upload the contents of your address book along with your location to an advertising network’s servers. If an app requests the ability to send SMS messages and it shouldn’t need this permission, the app may try to send SMS messages to premium-rate numbers and run up charges on your cell phone bill.
Permissions are a serious problem in the Android ecosystem, as apps often request too many and there’s no easy way to disallow them without rooting your device, as there is on Apple’s iOS. It’s normal to come across apps that require too many permissions, but it’s often because that app actually is using your phone number, address book, and location to an advertising network’s servers so they can track you and serve ads to you.
Be sure to keep an eye on permissions when installing apps. If an app you don’t trust much requires too many permissions, that’s a red flag that the app will potentially abuse those permissions. Apps can request access to additional permissions when they update, but you’ll have to agree to the update manually.
Installs, Reviews, and Reputation
As with desktop applications, it’s important to evaluate whether an app is trustworthy before you give it access to your system. On Android, this means looking at the number of times an app has been installed and checking out its reviews. If an app has been installed by just 50 people and has negative reviews, that app probably isn’t worth your time and may be potentially malicious.
On the other hand, if an app has four-to-five-star reviews and has been installed by more than a million people, that app is much more likely to be trustworthy. Of course, this isn’t always true — some bad apps manage to trick a large number of people into installing them and reviewing them well.
The reputation of the developer also matters. An app made by Google is probably safer than an app made by some person you’ve never heard of. An app created by an organization you’re familiar with — your bank, for example — is probably more trustworthy than an organization you’ve never heard of.
The permissions system also comes into effect here. Let’s say you want to install a little app and that app requires no permissions. It should be perfectly safe to use because the app couldn’t do anything malicious even if it wanted to. On the other hand, if that tiny app required permissions to access your contacts, accounts, location, SMS messages, and other sensitive data, you should view the app with much more suspicion.
As with any software, there’s no foolproof way to know whether an app is malicious. Stick with apps from Google Play, if possible. Pay attention to permissions, the number of times an app has been installed, the reviews, and the general reputation of the developer.
