Many of us have been conditioned into thinking we need to install antivirus or malware protection apps on our phones lest we become a victim of some shady group of people who want our data.
That’s bad information, which Check Point’s recent report on alleged protection apps which steal folks’ banking information really drives home.
Because these apps may exist in third-party app stores, I’m going to give them visibility. They all come from three developer accounts: Zbynek Adamcik, Adelmio Pagnotto, and Bingo Like Inc. If you see any applications from these developers, steer clear.
Nothing could be further from the truth.
Your Android phone can’t even get a virus
A virus is a bit of code that can automatically install itself, replicate itself, and pass itself along to another device without any assistance from you.
Apps can not install themselves on your Android phone. It’s impossible.
This is because of the user/group permission model. You are a user, and as a user, you are part of a group of other users with similar permissions. the system is also a user and it is in a different group with other permissions. If you do not have the right permission as a user or the right permission as a member of a group, you can’t change anything.
Some users and groups have elevated permissions, like the system level that Google or Samsung would have if you were using a Galaxy S22, for example. And if you like to tinker and have rooted your phone, you can grant yourself superuser permissions so that you can change anything you like.
Once installed, that app can only access its own data and files so it can’t copy itself somewhere else.
But there are other types of malware. Usually, the malware tries to collect random data from other apps about you and then sends it back to some centralized server. This could be something that seems harmless, like which apps you have installed and how often you use them, or it could be sensitive, like your bank password. Both are dangerous.
Your phone can’t get a virus, but it can get malware if you install it.
This type of misuse of our data isn’t supposed to be possible, but there are plenty of people with bad intentions that are just as smart as the people who wrote the OS on your phone. Software vulnerabilities are common. But they are also regularly patched, which is why security updates are the most important updates of all.
This second type of malware is what smartphone users need to be concerned with, not a virus. And once upon a time, you needed to pay attention or use a third-party app to make sure you didn’t get into trouble with a bad app.
You already have the right malware scanner
(Image credit: Source: Alex Dobie / Android Central)
Most people think it exists to scan apps you have downloaded and installed from the Play Store, but that’s not how it works. It regularly scans every third-party application installed on your phone and reports anything fishy directly to you. If you haven’t seen a notification about a bad app, that means you haven’t had any.
Android is a lot like Windows in this regard. At one time, it wasn’t a bad idea to use a third-party malware scanning tool on either operating system.
Google has included a malware scanner as part of its services package and that’s all you need.
Most of the time installing a second malware scanning app isn’t going to hurt anything — unless it’s a bank account-stealing trojan disguised as a security app — and there are things that Windows Defender or Google Play Protect aren’t going to consider malware.