Tip of the Week: Minimizing App-Based Security Issues

These threats continue to grow more sophisticated thanks to innovations in AI, and you really can’t be too careful. Here’s what you can do to keep your devices secure.

Understand the App Security Dilemma

Businesses want to make money, and it’s important to remember that developers are businesses, too. The rush to be more profitable has led to a shift in priorities from security to speed. Here are the three biggest reasons why this is an issue:

The “Move Fast” Mentality

Forget rigorous security testing; small developers want to publish their apps first and fix them later. This is difficult to do from the security perspective, though.

The Vulnerable Parts

Modern apps tend to use third-party libraries and development kits, and if flaws are discovered in these many components, every app using them will contain the same backdoor.

Artificial Intelligence

Prompt Injection and AI-driven data scraping are the new trends to watch out for. Malicious apps can use AI to trick you into handing over information that you might otherwise keep to yourself.

How to Know You’re In Trouble

Before you install an application, take some time to check for these red flags that might indicate a security issue:

Too Many Permissions

There’s no reason that a calculator app needs access to your microphone, contacts, and precise GPS location. Apps that request data they don’t need are often harvesting data, whether it’s to sell to the highest bidder or to exploit later on.

Clones of Well-Known Apps

Scammers can create near-perfect copies of well-known apps with slightly misspelled names or off-color icons in an attempt to trick would-be users. Check the publisher of every app you go to download and make sure it’s legit before you do so.

Review Considerations

Star rating can tell you a lot, but look beyond to locate other suspicious activity. If an app has thousands of five-star reviews that all say the same thing, they could be AI-generated. Similarly, a one-star review complaining about battery drain, pop-ups, and unauthorized changes could be a sign that an app is malicious.

A Simple 5-Step Digital Hygiene Checklist

Don’t let yourself get scammed or hacked. Here are some actions you can take today to be a more secure app user:

Only Download from Official Stores

You should only download from the Apple App Store or Google Play—no sideloading apps from websites or third-party links. You want the app to go through the stringent security checks performed by Google and Amazon.

Enable MFA Wherever You Can

MFA will keep hackers from gaining access to your apps. Even if they manage to steal your password, they’ll need the secondary credential, which is difficult for them to access without stealing your phone outright.

Audit Permissions of New Apps

Every so often, look at your phone settings to review permissions for your apps. Specifically, you’ll want to check the camera, location, and microphone, at least. If you haven’t used an app in 90 days, consider deleting the app entirely.

Update Apps ASAP

Just like software updates on your computer, you’ll want to update apps to ensure security vulnerabilities are addressed in a timely manner.

Use a Password Manager

We recommend you use a password manager on your device so you can ensure maximum security through complex passwords that you don’t have to remember.

With all these measures in place, you should be in a better position than before, but if you find yourself wanting more, ITG can help. Learn more today by calling us at 518-479-3881.