I generally keep both my desktop and my mobile devices pretty clean. On those with Windows installed I run an anti-malware application, but on my mobile devices I rely on Android and Google to take care of any malicious software that might try and wiggle its way in. So far that’s worked out pretty well — in both environments.
However, I’m not an average user. I’m a little more savvy and a little more understanding of infection vectors and how malware authors try to trick users into installing it. Part of that means I know some kinds of websites are “shady” and I’ll run a higher risk of infection if I visit them — so I avoid them. However, part of my job at Pocketnow means I research new apps, ROMs, and hacks that I might otherwise avoid, thus upping my risk.
Recently I’ve seen an increasing number of alerts stating that I’m infected. Luckily, those infection messages are lies. But how can you tell?
The Wild, Wild, Web
In U.S. folklore the Wild West is often romanticized as a place where a person could claim some property and start a life free from the bureaucratic red tape that entangles much of the world today. The “civilized” people in the East thought the “uncivilized” people in the West were all but savages and lived in a lawless land, that blood ran in the streets, and that it needed to be “tamed”. To a certain extent that was true, but for the most part it was all fiction. Unlike the way movies painted the Wild West, there were rarely any shootouts, blood didn’t run in the streets, and people took care of one another — without the need for draconian laws and big government to enforce them.
Today, the “Wild West” has been reborn, and we call it the Internet.
When surfing the web on a desktop or laptop, websites like to throw pop-ups (or pop-unders) which contain advertisements. These ads might be relevant to what you’re researching, but usually they’re not. Since both pop-ups and pop-unders shouldn’t exist anymore (browsers have blocked them by default for years), the only ones that you’ll see are those that you’ve allowed, or those that are circumventing the protections built into your browser. The first type is probably okay (you’ve already said that you trust pop-ups from that particular site), but the second kind should be avoided completely. Not only that, if you’re anything like me, you’ll avoid whatever is being advertised in that manner: guilt by association.
On desktops and laptops, you can probably tell what is and is not a “browser pop-up” fairly easily. On Android, however, pop-ups aren’t as easy to differentiate from dialog boxes that you’d see anywhere else, whether spawned by an app or the OS itself. Combine this with the fact that dialog boxes and pop-ups look significantly dissimilar on different versions of Android, not to mention that each web browser may present its pop-ups differently as well, and you can see how an inconsistent user experience can quickly be exploited by the “black-hats” amongst us.
What’s a “Black-Hat”?
In the stereotyped Wild West the bad guys (and especially the villain) wore black hats. The hero almost always wore a white hat. Today, “black-hats” are the same as they were in the Old West: the bad guys. These are the people (and companies) that try and rob, steal, plunder, or infect. They’re a nasty bunch and you should stay away from them. Sometimes you can’t avoid them completely, and other times you don’t know what color their proverbial hat is.
Like I mentioned earlier, when I research the information that I present to you, sometimes I have to go through “black-hat” territory. Recently I’ve been seeing their pop-ups telling me that my Android is infected and I need to clean it — NOW! Many users would press “okay” and allow the “cleaning” to occur — only it’s not “cleaning”, it’s “infecting”. Don’t fall for it!
Android does a pretty good job of identifying when apps are malicious, but it can’t catch everything — nor should it. This is your device, and you need to be able to tell the difference between the good guys and the bad guys. When you’re on a website and you get a pop-up that tells you you’re infected, press the back button and slowly walk away (digitally speaking). Take note of the website that you’re looking at and try to avoid it in the future.
Unless the message comes from Android itself, those messages about your Android being infected are a lie.
Image credit: (cc) Cloudzilla