Skip to main content

One Step Ahead: Protection from Malware

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy

Protection from Malware

Malware targeting smartphones to secretly steal sensitive data from infected devices or to use the infected device as a host to launch other attacks on secure networks are on the rise according to several 2018 news reports. Such malware may harvest device information, including voicemail, videos, contacts, other user data and saved wi-fi networks.

Malware can be installed on your smartphone in several ways:

  • An app in the marketplace or store may be infected or compromised or the creator may have programmed the app to access specific data.
  • Downloading an infected app from outside the official app stores, also known as side loading
  • A phishing text with an infected link, or a link directing the user to a malicious download
  • An ad that appears to be normal lures the user to click on the ad. Some ads may take over the whole screen, forcing the user to touch the screen which immediately installs the malware.
  • Leaving your phone unattended or sharing your phone with individuals you don’t know may provide an opportunity for someone to install malware on your device before handing the phone back to you.

Phone malware may not show any immediate symptoms. You may notice something is wrong after receiving a very high data bill. To protect your device and your data from malware:

  • Download apps from the official app stores, Google Play or the Apple App store. Assess whether the developer is new or well-known, and if the app new or talked about in the trusted media.
  • Delete any texts you are not expecting and avoid clicking on links in texts.
  • Review the permissions of your applications to make sure you understand what they are sharing.

To check iOS privacy permissions:

  1. Settings
  2. Privacy
  3. Select app to view privacy settings

For Android devices:

  1. Settings
  2. Apps & notifications
  3. Select app
  4. Permissions

For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead

Back to Top