While most apps are completely safe to use, some apps have a covert mission – to collect and share information on users. According to a recent McAfee research, an alarming amount of mobile users are allowing apps to mine their personal data in exchange for use of the app. Over half (51 per cent) of users allow access their photos, 43 per cent to personal contact information, and a further 38 per cent allow access to their phone’s contact list – sharing contact details for friends, family and colleagues. McAfee also found that 82 per cent of apps track you, and 80 per cent of apps collect location information.
One of the most common behavior – shown by more than one-third of the malware – is to collect and send device data that can be used to build a profile of the mobile device owner’s behavior. There’s also a high prevalence of acts commonly associated with device hijacking, such as making the mobile device into a bot and installing other, even more malicious malware.
Mobile App Scams
- Mobile Shopping Apps: Official looking shopping apps, including those that feature celebrity or company endorsements, could be malicious, designed to steal or send out your personal data. Criminals can redirect incoming calls and messages, offering them the chance to bypass two-step authentication systems where the second step involves sending a code to a mobile device.
- Mobile SMS Scams: FakeInstaller tricks Android users into thinking it is a legitimate installer for an application and then quickly takes advantage of the unrestricted access to smartphones, sending SMS messages to premium rate numbers without user’s consent.
- Gift Scams: In-app advertisements that offer deals on popular items, such as the PS4 or Xbox One, might be too good to be true. Clever criminals will post dangerous links and phony contests to entice users to reveal personal information or download malware onto their devices.
Tips on Protecting Your Privacy
- Don’t just give away your privacy. Look at the permissions apps ask for and don’t download apps that ask for personally identifiable information (PII) or extra permissions beyond the ones the app itself needs.
- Beware of apps that scour your device for interesting information they should never share – such as ‘users you may know’, locations and friend’s contact details to ‘share updates’.