It’s been a devastating few weeks for Android users. There have been warnings over dozens of apps capable of generating money for criminals behind your back using adware, and an app that could reinstall itself whenever users tried to delete the harmful programme from their handset – Android users don’t have to install anything to be vulnerable. And then there was StrandHogg – a flaw the allows hackers to create a fake login page pretending to be a legitimate banking app on your handset, siphoning off your bank login details.
Worse still, StrandHogg will still direct users to the legitimate app once they’ve inputted their details. So, from your perceptive, all you’ve done is log into your banking app – unaware that hackers have just been handed over all the details they need to do the same.
So, is it just bad timing that all these attacks – almost all designed to earn money from your smartphone, or steal it directly from your bank account – or are Android users more at risk than their iOS counterparts? And if so, should they avoid trusting their devices with their most sensitive information, like online banking or inputing your debit and credit card details in dozens of websites to make the most of the Black Friday sales, or Christmas shopping rush?
According to Jan Youngren, who works as a Cybersecurity Expert at VPNpro.com, using Android does carry more of a risk. And users need to be aware of that.
Youngren told Express.co.uk: “While we haven’t yet done a full analysis of StrandHogg, it’s generally always riskier to use your Android phone for any seriously sensitive activities, because there’s a much wider range of malware available specifically for Android devices. This is especially risky during the Christmas shopping season, when online shopping revenue goes up – and so do hackers’ attempts to steal your banking, PayPal or credit card data.
“So, in general, when comparing Android to iOS, iOS wins simply because of their better default security. For example, there are loads of free malware that you can use to infect Android devices, while it will be very difficult for you to find paid iOS malware that will be unpatched for longer than a few days. Apple is just better at security by default.”
Android WARNING: new Google glitch could cost you a lot of money
Windows 7 end of life: Get the update you REALLY need with this ultimate Black Friday deal
But when asked about the other options available to those who typically use Android smartphone or tablets to sort their finances using apps or online banking portals, Youngren wasn’t overly complimentary about one other platform that online shoppers could plump for.
“If you’re planning on switching from Android to Windows in order to make your Christmas purchases more ‘secure’, that’s pretty much like jumping from the frying pan into the fire,” the cybersecurity expert added.
Yikes. That’s one way of putting it.
Of course, that’s merely the assessment of one cybersecurity expert. When reaching out to another popular security platform, we received a very different response about the safety of the Android platform.
Victor Chebyshev, who works as a security analyst at anti-virus firm Kaspersky, said: “The sheer capability to install apps from third-party sources brings certain risks to any [operating system], and different financial threats exists for various platforms, so the best advice is to stay cautious at all times and use a security solution on the smartphones.”
Chebyshev has offered some tips for Android users – or indeed anyone – to make sure they’re safe when browsing online to buy stocking fillers for their loved ones, adding: “Our experience shows that cybercriminals tend to aim on banking accounts much more rapidly than on shopping sessions. Such type of attack usually happens with help of malicious software, which means that cybercriminal has to infect victim device.
“StrandHogg allows malicious apps to use additional phishing methods, however without a malicious app being installed on the phone, the threat is not itself dangerous. These malicious apps are detected by antivirus products. In order to decrease the possibility to become victim of cybercriminals, users need to follow a number of simple recommendations: not install apps from third-party sources, not click on suspicious links shared in messages, not share their personal and credit card data, if even the smallest suspicions arise.
“For instance, in the case the app that you would not expect to ask for credit card data is doing that or the website or app you know is requesting data in an unusual scenario, you definitely should not share anything. To be most protected, we advise to use a trusted and reliable security solution.”
Whatever smartphone or tablet operating system you’ve decided to opt for, it’s worth following these best practice rules to stay safe online.