14 Simple Tips to Protect Your Smartphone and Tablet - Part I

25.11.16 34 624 0

How to use Android safely

Everything you wanted to know about the security of the most popular mobile operating system

I have been using iPhones for six years, but in September I bought an Android smartphone.

Alexander Marfitsin

in the old days - editor of "Makradar"

Friends warned that Android is unsafe: they say, there are viruses in every application, and danger awaits where you don't expect. I decided to figure out if this is so, and put together a team of experts:

• Denis Lesnik, developer of Tinkoff-Bank,
• Dmitry Peterson, Head of Mobile Simbirsoft Company,
• Victoria Nosova, Security Director of Check Point Softway Technologies,
• Evgeniy Katella, head of the Android development department of Rambler,
• Artyom Baranov, leading virus analyst at Eset Russia.

Here's what I learned from them.

Is Android Really Dangerous?

Android is less secure than Ai-os. This operating system allows you to install applications from third-party stores, firmware updates are not available from all manufacturers, and users have direct access to the file system.

But Android has many advantages. First, applications run in the so-called "sandbox" - a special virtual space where the program works separately, and the operating system - separately. Secondly, Android's security system is based on access rights.

If you follow the safety rules and monitor what you put into your phone, your Android phone is no less secure than your iPhone.

What is the most unprotected Android phone right now?

The most dangerous are smartphones with old versions of Android. Google does not release security updates for Android older than 4.4.4. The fifth and sixth versions have enhanced security settings.

To see which version of Android your smartphone is running on, go to → "Settings" → "About phone" → "Android version":

The most important thing is that there are frequent updates for the smartphone. Most Android smartphones are rarely updated. An exception is the devices that Google produces: Nexuses and Pixels. There are also special models of smartphones with an emphasis on protecting user data. For example, the Blackberry line of Android smartphones: Priv, DTEK50, DTEK60. Samsung and HTC are often updated, but the old models stop receiving updates at some point.

Also at risk are cheap Chinese smartphones - as a rule, they are tied to their own app store - an analogue of Google Play, which is not so secure. Adware and spyware are often installed on such smartphones.

It is dangerous to use hand-bought smartphones unless you reset their firmware and delete all the legacy of the previous owner. If you bought the phone hand-held, please restore the factory firmware. If you cannot do it yourself, contact the service center, they will do it there in 15 minutes.

To reset the settings, go to the "Restore and reset" the settings of your smartphone:

When buying a smartphone by hand, wash it to the base

What is the main reason for hacking phones?

Due to user carelessness. He can download malware by opening a link in a dubious email, follow links from spam and strange messages from instant messengers, or try to get access to a fresh application and install it from dubious sources.

Social engineering is the easiest way to attack a smartphone. This is an attack method in which a person gives his data to fraudsters himself: for example, he reports the card number to allegedly bank employees; or enters a username and password from a social network in a dubious application. If you install applications not from Google Play, enter data from social networks and banking applications on unfamiliar sites, then Android will not save, no matter how secure it is.

The letter is doubtful, because we did not expect any payments, and the link leads to a strange site

Disable the "Allow installation of applications from unknown sources" item in the security settings:

Now applications can only be installed from the official store

When you install an application, check what data it asks for. For example, if a flashlight needs access to phone calls, messages, this is a reason to be wary, because the flashlight only needs a flash to work. You can change the permissions in the settings of the smartphone applications:

The flashlight needs access to the camera to turn on the flash. But to your contacts - not needed

And, of course, do not share your personal data and SMS codes with anyone. Beware of universal messengers, applications like "Music VK" or "Who was on your page." Any unofficial apps that ask for your personal information can use it against you.

Do I need an antivirus on my phone?

Antiviruses protect against certain threats - they check installed applications and flash cards. But an out-of-the-box phone with a fresh version of Android does not need an antivirus - in this case, the antivirus will simply consume the phone's resources. If you have an old phone and no updates come to it, then you should install an antivirus.

Android limits the capabilities of applications, which is why most modern antiviruses are useless. If you install applications only from Google Play, then the antivirus will most likely not bring tangible benefits: it will tell you all the time that no threats have been detected.

The phone constantly offers to update. What to do?

Smartphone firmware updates fix critical security vulnerabilities. Try to use the latest firmware. Make sure that it is your phone that prompts you to update, and not a third-party program. If everything is ok, then update.

But before installing new firmware, make sure it works fine. Read reviews on the Internet from users who have already updated. It often happens that an update fixes one old problem and creates three new ones.

Before updating, save all important data - if something goes wrong, you can restore the information. Android, most likely, has already made a backup copy of your contacts, but it is better to save the photos separately.

How to save data?

In the settings of the smartphone there is a "Restore and Reset" item. Check if the Data Backup toggle switch is on. This is a built-in Android backup - it saves backup copies of application data, passwords from Wi-Fi, Chrome bookmarks.

Contacts from the address book and Google mail, events in the Google Calendar, purchases in Google Play are saved automatically if account synchronization is enabled. You can check this in your smartphone account settings.

The latest versions of Android for Pixel smartphones have a full backup of data in Google Drive. But these models are not officially on sale in Russia yet.

What absolutely shouldn't be done on the Internet from a mobile phone or tablet?

Do not install non-Google apps or add-ons from questionable sites. Be careful with your social media and banking app credentials - make sure the site or app is really official and the connection is secure.

Often, cybercriminals fake bank websites, and users do not notice the trick.

To ensure that the connection to the site is secure, take a look at the padlock icon to the left of the Chrome address bar:

Connection is secure

Be careful on porn sites, sites with free games and TV shows, torrent sites, online casinos. They might prompt you to install an update, clean your phone, extend battery life, or anything else promising. Most often, all these miracle programs will hide behind Trojans, viruses or botnet agents. If you install something, then only from the official Google Play store.

Do not buy anything or conduct important correspondence from your smartphone if you use a public, password-protected Wi-Fi. Do not root your phone unless absolutely necessary.

What is phone rooting? What is it for?

Android works on the basis of the Linux operating system. It has a root user who has access to all system objects. From him the word "ruting" appeared.

Rooting gives programs access to system files and settings. For example, using rooting, you can control the processor power or take a complete digital copy of your smartphone with all applications, settings and user data. Experienced guys do rooting in order to rip off all unnecessary programs to iron, overclock the phone as much as possible, open hidden functions in it, or install an alternative firmware. It sounds tempting, but rooting is dangerous.

An inexperienced user, due to rooting, can ruin the firmware so that the smartphone will no longer work. A rooted phone will lose its warranty and will not be updated by the manufacturer. To root, you must have a very good reason and a reliable geek on hand.

If a malicious application gets on a rooted phone, you will have to completely reflash the phone to remove it. A rooted malicious application will be able to send messages from your phone to short numbers and use banking programs without your knowledge.

Remember

1. Buy smartphones with the latest version of Android - preferably from 6.0 and higher. If you buy Chinese smartphones, pay attention to the built-in app store. If this is an analogue of Google Play, and not Google Play itself, then downloading programs and games is dangerous.
2. If the smartphone's firmware has not been updated for a long time, install an antivirus. If the manufacturer often releases updates for the device, then the antivirus need not be installed.
3. Install applications only from Google Play. In the settings, prohibit downloading programs from other sources. Keep track of what information applications are asking for, do not forget to check them in the settings.
4. When paying for purchases from a smartphone, make sure that you are on the official website of the bank or payment system. Make sure the connection is secure.
5. Rooting allows third-party applications to access the system settings of the smartphone. It also voids your manufacturer's warranty. Don't root.
6. Check if your Google account is synchronized and if the built-in backup is working in the smartphone settings. Use Google Photos to save pictures and videos.

By downloading applications from the Internet, you can easily infect your android device with a virus... Even installing apps with Google play there is a likelihood of picking up a malicious application.

You risk losing not only all the information from your phone, but also give intruders access to your social media accounts, bank cards and other important information. In order to prevent this from happening, you can take a couple of simple actions described below.

There are simple tips on how to protect your phone from viruses:

1. Do not install applications from third-party sites, only from Google Play

Google Play is not perfect, but the likelihood of picking up an infection in it is small, which cannot be said about the "left" sources. Websites can contain viruses, Trojans and other infections, both intentionally and unknowingly.

Be sure to read the app descriptions. They may contain information that will convince you not to install the application. There is a chance that in addition to the necessary application, you will download add-ons that are absolutely unnecessary for you, which will clog up the phone and "Eat" random access memory.

3. Set up security for your phone

First, let's find out what version of Android you have. Go to settings ⇒ about phone ⇒ Android version.

⇒

What is it for? This is necessary in order to understand whether you need to read the article further or not.

In other words, earlier versions of the droid, namely versions up to 4.0, have malware scanning enabled by default and you will not be able to regulate the process yourself.

If the version is more recent, then read on.

• step number 2

Go back to the settings and find the security section. However, one must take into account the differences between the versions of Android. If you have a version with 4.0. until 4.4 then in the security section, find the unknown sources subsection and uncheck the box.

⇒

But on smartphones, the Android version of which is 4.4, another function appears that can be turned on or off if desired.

⇒

4. Don't forget to update the software

Updates are released for a reason. They contain important security patches.

⇒

Now a smartphone for a person is something like a personal psychologist. It is the mobile gadget that the user prefers to entrust all his secrets - of course, assuming that he will not "let it out." However, hacking into a smartphone is a feasible thing and, if we are not talking about an Apple device, it is quite simple. The user cannot be 100% sure that his personal data will not end up with third parties - but he is able to take a number of measures that will significantly reduce the risk of hacking.

By reading this article, you will learn what actions can be used to increase the security of your gadget.

Automatic screen locking is the most common security measure, but also the most effective. Even if we are talking about the simplest PIN-code of 4 digits from 0 to 9, then as many as 10,000 different options are possible. An attacker will have to be patient in order to sort out all possible combinations - although he will almost certainly get confused already in the first hundred.

By setting the PIN-code to a number "with a value" (for example, year of birth), the user greatly simplifies the life of a burglar. It is strongly recommended to use only random numbers - those that mean nothing.

Other methods of unlocking the screen are acceptable, including:

Password... The password differs from the PIN-code in that it is not limited in length and can include not only numbers, but also letters and other symbols - like a "dog". It will be possible to put an unlock password instead of a PIN code on all devices, modern and not so - for example, on the iPhone 4S, a 6-year-old gadget, it is as easy as shelling pears to do it.

Graphic pattern... To unlock the device, the user needs to draw a pattern on the screen with his finger, sequentially connecting the dots.

This unlocking method is the most popular among users, but it cannot guarantee security for a number of reasons: Firstly, because it will not be difficult for an intruder to spy on an ingenious sequence and remember it, Secondly, because from the constant input of the same pattern, a trace may remain on the screen, according to which it will be quite easy to restore the pattern.

Fingerprint. The presence of a fingerprint scanner in a modern smartphone is not something out of the ordinary - manufacturers have begun to equip even budget models with appropriate sensors.

Fingerprint unlocking is probably the best way right now. However, progress does not stop there - for example, the Samsung Galaxy S8 received an iris scanner. This allowed the representatives of the Korean company to call the S8 "the most secure smartphone" - after all, you can make an impression with a finger, but the new sensor cannot be fooled.

Tip: if you store critical data on your smartphone, use a combination of several unlock methods. You can, say, configure the gadget so that after entering the PIN-code it would also require drawing a graphic pattern.

Whatever software security experts share their advice, the recommendation to “password-protect” the gadget sounds one of the first. Even if the attackers, whose smartphones have fallen into the wrong hands, persist and manage to guess the password, the user will gain time - and during this time will be able to erase confidential information remotely.

What is 2-Step Verification and How Does It Help?

Two-Step Verification is a system actively used by banks and social media. The essence of the system lies in the appearance of an additional level of protection. You can recall Sberbank Online as the most eloquent and vivid example - the user of the bank's services specifies the password for the Personal Account, and then confirms the login to the account using the code that comes next in the SMS message. There are two steps: the first is the password, the second is the dialing code.

Two-Step Verification is one of the safest ways to protect yourself from hacking your AppleID or Google account!

Even if a hacker can remotely hack into an account by guessing the password, he will be faced with the need to provide a telephone code - which he will never be able to find out. The user, having received a message with a code that he did not order, will regard this as an alarming "bell" and at the first opportunity will change the password for the account.

Owners of gadgets with iOS 9 and higher can customize on their iPhones two-factor authentication instead of a two-step check. Apple notes that two-factor authentication uses more modern methods for generating and issuing 4-digit codes.

How to protect your smartphone from viruses with security software?

Is there any sense in the fact that the security software is installed on the smartphone is a question that experts still cannot find a definite answer to. The risk of an Apple device getting a virus is very low because iPhones and iPads run the closed iOS operating system. Android gadgets are infected much more often, because they can be loaded programs and content from third-party sources - therefore, they are in antiviruses need.

The first mobile antiviruses did more harm than good. The security software developers didn't care much about adapting the antivirus software for smartphones - they just copied the functionality from the desktop versions. As a result, antiviruses “devoured” precious megabytes of “RAM” and milliamperes of charge - gadgets with installed security software slowed down unpleasantly. Modern mobile antiviruses are another matter entirely. They consume significantly less resources, almost do not consume battery power and boast flexible settings.

There are a lot of security programs on Google Play - there are both paid and distributed free of charge. A study conducted by the Russian portal www.comss.ru allowed us to determine the top most favorite mobile antiviruses by users in 2016:

Image: comss.ru

Leadership positions are occupied by 2 products from Dr.Web. Antivirus Light is a free version with ads and reduced functionality - which, however, is enough to:

• Return the device to operability if it is completely blocked by the ransomware Trojan.
• Detect unknown malicious files using the efficient Origins Tracing algorithm.
• Quickly check the file system when trying to save a file - using the SpiDer Guard monitor.
• Remotely erase data from a lost device using the "Anti-theft" function.

Dr.Web Security Space is a fully functional program that has a trial period of 2 weeks. At the end of this period, the user needs to pay for a subscription for at least 1 year.

The popularity of Dr.Web anti-virus is obviously due to the availability of a free version. The program from Kaspersky, as well as antivirus ESET NOD32 and Avast! have even higher ratings on Google Play, but they are all distributed according to the freemium model - that is, they offer to use the full functionality for a limited period of time, and then, if you like, purchase a subscription. You should not immediately abandon the paid option - after all, the cost of an annual subscription to antivirus software, as a rule, is significantly lower than the price of the services of service center masters, who have to contact to clean the OS from "Trojans" and other viruses.

Experts from ESET and Kaspersky Lab give users other advice on how to protect their smartphones from hacking, and themselves from losing important data:

Use password managers. Remembering passwords from all the portals on which you are registered is not an easy task. Many users, in order not to bother, set the same password everywhere. This is a big mistake: it will be enough for an attacker to hack a person's page on a social network - and now he already has access to the mailboxes and electronic wallets of his victim. It is much safer to use a password manager - a program that stores passwords from all kinds of sites under a master code.

The most reliable and effective password managers are LastPass and 1Password.

Watch out for bluetooth and... If the user is not going to transfer data or pay for purchases using a contactless method, it is better for him to turn off both Bluetooth and NFC. This will not only reduce the risk of being attacked by a computer, but also save battery power.

Avoid public Wi-Fi... 3G / 4G coverage is now available in all public places - it is better to spend megabytes of traffic downloading or watching content online than to put the security of your gadget at risk by connecting to password-free Wi-Fi distributions.

If you cannot do without public Wi-Fi, then it is recommended to connect to it via a VPN, with which you can encrypt traffic, hide the IP address of the gadget and its location.

Update in a timely manner... OS updates usually contain patches for system vulnerabilities. With each update, the "operating system" of the gadget becomes more and more secure.

Watch what you allow apps... If, say, a small wallpaper changer requests access to geolocation and contacts, it's worth considering - maybe it's better to prefer a less demanding analogue and not worry about the security of personal data? Read ours for more details.

Conclusion

The user does not need to take any time-consuming and costly measures in order to improve the security of the smartphone. Putting auto-blocking and being careful when downloading content and connecting to Wi-Fi networks is already 90% of the case. To make sure that your gadget will not be hacked or infected, you can download and install an antivirus program - however, you need to be prepared for the fact that effective security software will cost money and that you will most likely have to pay a year in advance.

Every year produces a huge number of useful (and useless too) technologies that enter our daily life through the electronic devices used. We are starting to provide phones with more personal information: we synchronize with accounts on social networks, we provide our phone number to access the application, to communicate with friends through this application (hello, Whatsapp); we make electronic payments through online banks, filling in the details of our credit cards and much more. If advanced users can somehow protect themselves (or quickly detect and eliminate) from a virus that appears in your Android device, then inexperienced people usually do not even think about the safety of their smartphone. Be sure to follow our recommendations with reviews of the 5 best antivirus software for Android phones.

The 3 best antiviruses for Android *

* and the fastest, by the way;)

The rating is based primarily on our personal experience of using each antivirus, and secondly, on the analysis of reviews about the application. A good antivirus, first of all, is one that detects and eliminates viruses ON TIME, frequently updates the virus database and DOES NOT STOP. Meet the top 5 according to DT:

1. Mobile & Security by AVAST Software

Developer: AVAST Software

Price: free and unlimited, with the option to buy PREMIUM (maximum protection and without it).

Description: In our opinion, this antivirus is not only the most effective, but also has the most user-friendly interface. A PREMIUM account costs 400 rubles a year and opens additional ones, but even without them the phone will be as secure as possible. For example, the anti-theft function, one of the possibilities of which is to take a picture of the thief while he is using the phone (this function is also in some other antiviruses, but I was the first to notice it, I don't know where I was before).

Some of the main features:

• Antivirus engine: Scan installed applications and contents of the memory card, as well as new applications on first use. Schedule an automatic scan while you sleep. Includes scanning of SMS messages and files for complete protection of the mobile device.
• Security Advisor and Application Management: Find out the access rights and intents of installed applications.
  SMS & Call Filter: Protect your privacy with it. Block unwanted numbers.
  Web Shield: Blocks malicious links (for safe web browsing) and even USSD numbers (which can wipe your device's memory). Also fixes incorrectly entered URLs.
• Network Meter: Keeps statistics of incoming and outgoing data.
• Firewall (only for rooted devices): Block hacker attacks.
• App Lock: Lock any 2 apps with PIN or gesture (unlimited in Premium).
• Backup: Allows you to back up your contacts, SMS / call logs and photos (the Premium version allows you to back up your music, videos and apps).

2. Mobile & Security by ESET NOD32

Developer: ESET NOD32

Price: free, unlimited (initially, the application activates a version for 30 days with all functions. After a month, the main functions remain, see the screenshot below)

Description: does an excellent job with the declared functions, nothing more. The downside is English-language support.

Main functions:

3. CM Security protection and antivirus from Cheetah Mobile

Developer: Cheetah Mobile (AntiVirus & Applock)

Price: free and unlimited

Description: very easy to use antivirus. A huge plus is that it is completely free. The ability to clean the smartphone from garbage (cleaning memory). Blocking fake SMS, firewall. I think for beginners this is an ideal way to get acquainted with such a concept as antivirus in general.

Main functions:

• Antivirus engine : leveraging both on-premises and cloud cores, 200,000,000 user experiences and a 16-year history of computer and mobile security are at the core. Repeatedly took first places in AV-Comparatives and AV-TEST tests.
• Multi-layered protection : Eliminate system vulnerabilities and scan for new applications, updates, file system and websites to ensure device security and your privacy in real time. Clean up your system and speed up your device.
• Speed ​​and convenience : The scan takes just 5 seconds, which is 500% faster than other paid antivirus apps. CM Security, in addition, does not take up much space in the phone's memory, half as much as other antiviruses. With highly acclaimed cleaning and acceleration features, your device can be lighter, faster and more secure.

If you do not like any of the above antiviruses, and be sure to unsubscribe in the comments to the article which one you have chosen and why. We are also interested!

1. Before installing the application, check the list of permissions. Think about why a regular text notebook wants to access your contacts or SMS messages. This can cause SMS spam to appear on your phone.
2. Use strong passwords and multiple levels of authentication, such as phone confirmation (but only with trusted services!)
3. If you go to a site and it opens some windows by itself, close it as soon as possible and never go back. This is the fastest way to get a virus without even noticing.
4. Don't install too many applications. Otherwise, you will not be able to control all of them. A smartphone or tablet will slow down and your safety is at risk, because you can break yourself (or someone) something in anger during the next long download of the application.
5. Try to keep your apps up to date. After all, they are updated for your safety, excluding emerging vulnerabilities.
6. If you are an inexperienced user, do not try to enable root-rights, otherwise you will break your phone.

Well, at the end, let's summarize. In fact, any antivirus is not a panacea. Experienced users can do without them. The main thing is your brain. Be carefull.