I was a phone engineer and here’s everything you can do to protect yourself against malicious apps
Here's how you can App-ly some more security
Securing our phones against every threat is one of the hardest parts of owning a smartphone. However, when it comes to protecting ourselves from malicious apps and software, it can be confusing for those who don’t know what they need to look out for.
I used to work as a phone engineer, and have used that knowledge to help phone owners protect their devices. However, the issue with apps is that knowing something is wrong often comes down to a sense of feeling built on a bedrock of knowledge, rather than something that you can just point out. If you have spent a lot of time with phones, you start to pick up on suspicious things.
Now, one important thing to note is that both the Play Store and Apple's App Store have their defenses in place, but with the rise of third-party app stores it is worth being aware of a few things that can help to protect you from malicious apps. So let's run through a few basic things you need to watch out for, and what you can do if you do happen to download a malicious app.
What kind of apps can be malicious
There are more apps now than ever before, and most of them are perfectly safe. However, certain apps can hide malicious intent. Now, there is no tried and true method to know what apps could have a bug, but you can usually tell some of the more obvious.
First and foremost, anything that sells itself as a crypto app should put up a red flag. Cryptocurrency is certainly on the rise at the moment, and there is a huge issue when it comes to the individuals and “companies” that promote themselves as crypto-focused. Without a doubt, I would say to avoid most crypto apps, especially any that you don’t recognize from a trusted source. The same is true for any gambling apps, as these can drain your wallet in more ways than one.
It's also a good idea to be very wary of any low-effort game from companies you have never heard of. Now, it is true that smartphones have a large indie gaming market, but that doesn’t mean that all of them are safe to download. Usually, the best way to tell something is up is to check how many other games there are by the developer. For instance, if the game maker’s profile has twenty games that are exactly the same, then you can either guess that they are trying to make a quick buck, or that something shifty is going on.
Either way, you lose nothing by not downloading these apps regardless. It should also be mentioned that you should never download an app from an ad; instead search for said app in your phone's store, as this will also allow you to check the reviews, which is my next tip for avoiding malicious apps.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Trust real reviews, and the people who make them
One of the best methods when it comes to figuring out the safety of an app is to check the reviews. I know that might sound pretty obvious, but trust me there are still pitfalls to be aware of. Usually, users will make it clear if they have found issues with an app; however that isn't always the case and sometimes the developer will hide real reviews while posting fake ones.
So, the first thing to do when looking at a review section is to be on the lookout for anything that stands out as clearly fake, or like it came from a bot. Fake comments can be hard to spot sometimes, especially with the rise of AI, but there are still a few telltale signs. The first is that bot comments will have very strange grammar, or terrible spelling (at least more than the average person) the rhythm of the comment will also feel off, almost unnatural.
If you are still unsure, then check the reviewer's profile and see if they have reviewed anything else. if there's only review, or they only review apps from this developer or they always say the same thing, then there is a good chance that they are bots, and as such the developer could be hiding something.
One of the best places to check reviews is from trusted media sources, for instance, any site or company that reviews apps. It is also worth keeping an eye out for any news stories or threads on social media about certain apps. For instance, Reddit has a thriving community of people who check apps. Some of the best are r/Android, r/Privacy and r/scams. However, you can often simply search for the app in question on Google.
What to do if you download a malicious app
Now, all of this is great, but the reality is that downloading apps is often more of a spur-of-the-moment thing. So, how do you know if you have downloaded a malicious app, and what to do about it? Firstly, there are a couple of very obvious things that can happen when your phone has a virus. Some of these include random pop-ups, your phone sometimes feeling very hot, random messages getting sent to your contacts, you start finding fraudulent charges on your accounts and fast battery drain.
There are several things you can do if you notice these things occurring. The first is to make sure that you don’t click any links or ads that pop up on your phone. Secondly, it is worth investing in a good antivirus program, as this will usually inform you of which apps to be aware of and which ones to delete. Finally, change any passwords you have but do not update them on the phone until you have run all the scans and removed any malicious software. We have a comprehensive list of the best antivirus programs that can help you find the best option for you.
Apps are a part of our lives, and understanding what to be aware of can be a challenge in itself. Hopefully, this guide will give you enough initial information to get started on and to avoid one of the worst situations in our modern world.
More from Tom's Guide
- Samsung Galaxy Z Fold 6 catches fire during durability test — and it’s got a dust problem too
- iPhone 16 Pro Max tipped to arrive in two fresh new colors — bronze and black
- I’ve been using iOS 18 since the beta came out, and this updated app has blown me away
Josh is a staff writer for Tom's Guide and is based in the UK. He has worked for several publications but now works primarily on mobile phones. Outside of phones, he has a passion for video games, novels, and Warhammer.