Android apps scams on the rise

Posted on September 10, 2011 07:16 am

I have personally written more than thirty android apps for clients but other developers have been writing android apps that have now become a cinch for many, with the myriad of books and websites offering guidance and advice. This is the main reason am concerned that millions of Android operating system users are putting themselves at risk when installing and using applications from the Android Market because the problem with consumers writing apps for consumers is that they are not security experts and they lack skills. Before you download an apps, ask yourself, what does your app really ‘need’ to know to function. In some cases I have seen developers just ask for the full gamut of access when it is really not necessary and could compromise your phone. Whenever am developing apps, I have always ensured there is security validation before such programs are made available in the marketplace but for others same is not applied and this has led to a rising number of vulnerabilities and threats that have proved catastrophic.Two days ago, a Dane female friend of mine called me seeking assistance after she downloaded an application that was one of those that lack security features. In my own assessment, one such threat is “app phishing,” which allows a hacker to intercept the usernames and passwords supplied to popular apps. Such kind of attacks, I expect them to increase in the coming years due to the ubiquity of Android phones that are now flooding the market.

I told my Dane friend that the catch-up game the platform is currently playing to match the Apple App Store as my thoughts on why a security validation process remains absent from the Android Market. However, as a developer I do not know the reason why Google has failed to address this issue because it’s not a question of why they can’t do it, they can. There could be an underlying issue, business-related or otherwise, that is hindering the implementation of security validation processes. More than 20 developers have asked me same question many times with majority of them being in Europe and Africa.In some of my replies, I have said that compromising a single Google service is sometimes all it takes for an attacker to push malware to the service account owner’s Android phone. Consumers should also be aware of the types and level of permission granted to apps when using them, as the responsibility and burden of security decisions currently lies with the user. I have no problem with Android store buy if you are a consumer, extra precaution should be exercised when installing new applications on your phone. Please ensure that the app should first come from a trusted vendor, and should be older than 90 days in the marketplace. Ratings and comments from other users are also good indicators of whether an application is trustworthy but beware that the ratings could also be faked. As a rule of thumb, malware does not last long in the marketplace. When choosing the app and is just five days old and from an unknown vendor with little downloads and a five star rating you better think twice. In the event your phone becomes infected by malware or other threats, the best option is to reset your phone and reinstall everything afresh. I do advise users to treat mobile application the same way they would treat an e-mail attachment.

Contador Harrison