Mobile devices have long been viewed as safe from cybersecurity threats. As phones evolved from simple items only used for calls, texts and the odd game of snake, however, they've become targets for both viruses and attacks.
Android phones are now filled with sensitive data alongside multiple apps, and have a constant connection to the internet. While there are security features built in, it's important to supplement them with security apps for Android.
In this guide, we’ll cover exactly why you need an antivirus & mobile security app for Android, help you understand the threats, how to tackle them and what you can do to protect yourself. Install antivirus for Android before it’s too late.
Can Android phones get viruses?
In this guide, we'll cover exactly why you need an antivirus & mobile security app for Android, help you understand the threats, how to tackle them and what you can do to protect yourself. Install antivirus for Android before it's too late.
The short answer is no, Android phones and devices can not get viruses. But that doesn't really paint the real picture. A computer virus is defined as 'harmful software that self-replicates' and, while there are currently none of these targeting Android, there are numerous malicious apps and other security threats that fall within the umbrella of a virus.
A virus is simply one threat that's used by many as a 'catch-all' for malicious software, known as malware, when actually it's simply a type of malware. Android malware is a problem, alongside other security threats, and there are a number of malware and threats that you need to be wary of.
What are the security risks on Android devices?
As the Android operating system increases in popularity, so does the number of threats. Now, Android runs on over 80% of existing mobile devices, so you can imagine just how significant that threat has become.
While the risk of viruses is minimal, the risk of downloading malware or facing another cybersecurity threat on an Android phone is significant. The dangers you may face on an Android phone which a security application prevents include:
Malware threats – Android malware is software that's designed to be downloaded onto your phone or device and perform a malicious act. The main types of Android malware include:
Trojans – a type of malware that masquerades as a legitimate app that will then perform a malicious action.
Keyloggers – designed to log all of your actions and see how you're using your phone, or track what you're typing. These are often advertised as parental controls.
Ransomware – as with computer ransomware, this software is designed to encrypt your files or restrict access to your Android device unless you give them money. There's often a threat involved, in addition to being locked out of your content too.
Spyware – Android spyware is software that's used to access all the confidential data on your device such as contacts, messages, photos and account details. It can be used to track your usage and some can even access your camera. There are spyware apps designed to allow people to monitor people they know, but also a number that can be installed remotely.
Adware – one of the most basic types of malware is adware. While it may not be as dangerous, it's designed to cause annoyance and make money for someone. Adware will display advertisements, often full screen, on your phone at all times.
Premium rate texts – a program that makes your phone repeatedly send texts to premium numbers to make money when you pay your bill.
Hacking – when someone hacks a device, they are usually doing it either through a known exploit or using a piece of malware. This hacking can be done to steal personal information, account details or simply to install additional malware.
Phishing – phishing is a major nuisance on mobile devices. It's a method of stealing personal information by duping the user into entering details, or downloading malware by posing as a legitimate source. Historically it was mainly through emails, but in recent years there's been a rise in phishing text scams targeting both Android smartphones and iOS devices.
Catfishing – a catfish is someone who sets up a fake profile on social media aimed at duping you into passing over important information. With the prevalence of social media and email apps on phones, it's a major issue for Android users.
Inbound calls – inbound call scams have been a phone issue for decades, and they moved over from landline to mobile phones quickly. There are generally two types of malicious call:
Premium rate calls – a call from a number that will cost you a large amount to answer.
Scam calls – a phone version of phishing scams, where they try to fool you into passing over sensitive information, like banking details.
All of these threats can be dangerous, in terms of losing personal or sensitive information, but they can also cause great annoyance. Malicious apps are often 'always on' and can cause your Android smartphone or tablet to slow right down, run hot or drain its battery much more quickly than usual.
These threats can come about through a number of different entry points, so understanding how malware is getting onto your device is important.
How do Android devices get viruses?
There are a number of ways your Android smartphone can get infected with malware. The most plausible ways for you to pick up Android malware include:
- Downloading untrustworthy apps rather than through the Google Play store
- Downloading malware as an attachment from an email or text
- Downloading directly from a website
- Connecting to another device via Bluetooth or cable
Downloading Android malware through apps
Installing a malicious app on Android is harder than it may appear. Generally speaking, you can only download Android apps from the Google Play Store and nearly all of the apps on there have been verified. That said, the odd malicious app does slip through the cracks on occasion, so be careful with what you download.
The main issue on Android, which isn't the case on Apple devices, is that you can disable the functionality blocking you from downloading apps from sources other than the Google Play Store. This can open you up to downloading apps from other places and that's a risk. We recommend you install apps from the Google Play Store only.
Be particularly careful if you root your phone or tablet. As rooting the phone essentially sets up blanket administrator privileges, you may inadvertently install unwanted apps on your mobile device.
Downloading malware through attachments
Spam emails are an issue for pretty much anyone with an email account. They're also one of the main sources for downloading malware and viruses onto a device. The good news is that you generally have to click through a link before downloading. If you open an email and it instantly prompts you to download something, simply don't do it. Automatically triggering downloads is rare though, and it'll generally be a link or an attachment that could cause the problem. If you're not sure, try and scan them first.
SMS text messages are another entry point for these kinds of attacks. While simply opening a text shouldn't be enough to download the malware, you should avoid downloading any questionable attachments or clicking on any links.
Downloading files directly from a website
As with computers, if you click on the wrong link on a website, you run the risk of downloading either malware or malicious code to your smartphone. If your phone is set up to block malware installs from outside the Google Play Store, that's a good start, but malware won't always look like an app.
Usually, you'll just have to avoid actively downloading something, but in some cases you won't even have to click a link or opt in. A method called 'drive-by download' installs malicious code directly into the source code on your phone or tablet. This is usually done through exploiting known flaws in older versions of the Android operating system. Keep your phone as up to date as possible and, along with a robust antivirus software for Android, you should be safe.
Are the built-in security features enough?
The built-in security features for Android offer a great base level of protection, but they're simply not enough to keep you safe.
The settings which stop you downloading apps from outside the Google Play Store are, on paper, very useful. That said, for anyone who's rooted their mobile phone or side-loads apps, it's not going to be a setting that stops you accidentally downloading a malicious app or code.
On Android devices running Android 7.0 or above, you'll also have the option of using a built-in security key. You'll be able to set up two-step verification. Again, this is useful for stopping unexpected sign-ins and blocking devices, but its protections only go so far.
Neither of these built-in safety features scan your phone for potential threats, flag suspicious-looking sites, block phone calls or prevent malicious software from being installed. We'd always recommend running regular software and security updates, using a password manager and installing antivirus software for Android.
For optimal device security, antivirus protection is by far the best option. While you don't have to worry about traditional viruses, these antivirus apps will offer security software to protect you from malicious software, remotely wipe and block stolen devices or flag a suspicious site.
Get ESET Mobile Security for Android
Protect your Android smartphone from existing malware, run antivirus scans and defend yourself from new and evolving threats with ESET Android security. We use machine learning to adapt to both new and unknown threats, alongside a host of other security features. Your licence can protect across multiple devices too. Start your free 30 day trial today.