How to protect Android from malware and malicious apps, viruses and spies

Who I am
Miguel Moro Vallina
@miguelmorovallina
Author and references
Until a few years ago, Android was believed to be a very safe system, to the point of not requiring any antivirus. This statement is largely true today, but does not take into account the habits of common users: always more often make mistakes or visit sites that can hide very dangerous threats even for a common Android smartphone.
The consequences of an infection on Android are very obvious: phone slowdowns, faster battery drain, apps or windows open for no reason, apps that we didn't have installed appear and (in the worst cases) a real theft occurs. of saved data and passwords, which can be used to compromise our bank account or personal data on websites. Thankfully just follow a few simple steps to make Android protected from malware, viruses, intrusions and spy or malicious apps, and most of the suggestions are related to the common sense of each of us.

Activate the anti-virus integrated in Google Play

If you think you must necessarily install a third-party antivirus, you will be pleased to know that Google Play integrates its own antivirus, called Play Protect: it scans every new app we install on the phone and scans the apps already on the system at regular intervals, looking for threats.
To make sure that this protection is always active, open the Google Play Store, tap the icon with the three horizontal lines at the top left and then select Play Protect from the sidebar. In the window we will be shown any threats discovered during some scan; to verify the correct activation of this antivirus, click on the gear at the top right and activate both items Look for security threats e Improve detection of malicious apps.

Avoid apps outside the Play Store

Many users search and install APKs, that is apps available outside the Play Store and installable on any Android smartphone. Unfortunately, no form of control by Google is practiced on these apps, so they could very well contain viruses.
To prevent APK apps from installing on your system, just go to Isettings -> Safety and turn off the voice Unknown origin; on modern Android (from 8.0 onwards), every single app can manage the installation of APKs, so we will have to take us to the menu Install sconosciute app and make sure no apps are allowed to install APKs on the system.

Avoid cracks and keygens for paid games and apps

While it may seem smart and smart to download modified cracked apps and paid apps to be accessible for free, there is very little crafty because these modified apps often hide malware or exploits with which attackers can tamper with Android and steal data. stored on your smartphone, slow it down until it stops completely, pop up advertisements out of thin air or steal phone credit.
We avoid using cracks and keygens for apps on Android and if possible we legally buy the apps that interest us.
We can also accumulate some money to be used to buy paid apps in a completely legal way by answering the surveys offered by Google itself, as indicated by the following guide.

Use a safe and secure browser

A browser produced by the phone manufacturer is often provided on Android phones: it is very fast and practical, but it may not have all the best security tools offered by browsers such as Google Chrome o Mozilla Firefox.
To browse in complete safety, therefore, we avoid any browser that we do not know (or of dubious origins) and we only use Google Chrome for Android or Mozilla Firefox for Android.
Furthermore, the opening of Internet sites within other apps can be kept safe by updating the app called Android System WebView, which contains all the security patches released by Google for navigation.

Update all apps

To prevent infections and data theft by malicious people, it is advisable to always update all the apps on the system, possibly in a completely automatic way. Basically we can update all the apps automatically via Wi-Fi, opening the Google Play Store on the phone, expanding the sidebar, taking us to Settings and finally on Automatic app update.
From this menu we can choose the item Only via Wi-Fi; selecting instead On any network, the Play Store will also update apps via LTE or 3G, taking advantage of the data offer available to us (we recommend activating this item only if we have at least 5 GB included in the offer).
In another article we saw how update android apps daily and automatically.

Pay attention to the permissions requested by the applications

When installing new applications, on first run, they may require some permissions to use internal phone functions and stored data.
For example, it is normal for the address book app to ask for access to the contact list, for Whatsapp to access the address book, for the camera to use the phone's camera, for the navigator to use GPS and so on.
In some cases, however, there may be requests that have nothing to do with the operation of the application, for example a game that asks for access to the call list.
In these cases, you really need to pay attention, especially for accessing things like the microphone and the camera that can be used from the outside to spy on the phone.

Avoid links received in chat or on social networks

A very popular way to spreading Android malware provides the use of chat messages on WhatsApp, Facebook or other similar apps, which may come from a friend with an already infected PC or mobile phone.
As already recommended many times, we must never open unknown links received via email or chat and, in case you are very curious, first check if a site is dangerous with the methods already seen and then contact the friend by phone call, asking for information on the strange link received (you will be surprised how many times not even your friend was aware of the threat!).

Avoid downloading movies and music from dubious websites

Downloading music, videos from illegal sites or downloading ringtones or wallpapers from disreputable sites can be very dangerous because these are very sought after things behind which malware can hide. To rest assured you must avoid downloading anything using the internet browser and always use the apps controlled by Google Play.
For example, we have seen here in another article the regular apps to download MP3 music on Android and iPhone without risk.

Install an additional antivirus

If we often catch threats on our Android smartphone or we are aware that we are inexperienced users (despite all the precautions we have instructed you to follow), perhaps it is time to "raise your shields" and focus on a more powerful antivirus than the one integrated in the Google Play Store (which we can leave active without problems).
The best free antivirus for Android that we can install on our Android smartphone are:
  1. Malwarebytes
  2. Kaspersky Mobile Antivirus
  3. Avira Antivirus Security
  4. avast Antivirus
  5. AVG Antivirus
  6. Eset Mobile Security
  7. Bitdefender Antivirus Free

We install one of the following antiviruses, keep it updated automatically and periodically scan the system for any threats. Unfortunately, antivirus are placed in memory and occupy a part of the smartphone's resources: if you notice too many slowdowns (perhaps because your smartphone is old or has less than 3 GB of RAM), better uninstall everything and focus only on the antivirus integrated in the Play Store.

To learn more about antivirus for Android, we refer you to reading the guide on Best free antivirus for Android.

Always keep the system up to date


One of the most effective tricks to protect Android from malware is to always keep the operating system updated: with each update, any bugs or security flaws are corrected and this leaves much less room for any malware to enter the system.
In almost every smartphone you can check for updates by going in Settings > Info on the phone and tapping on System update.
On modern Android phones (8.0 or later), the security patch release system is managed separately from the total update: in this way, all manufacturers can keep old phones safe without necessarily updating them every bit. months. We can carry out the security check by tapping on the menu Settings -> Security status (if available).
If we don't want to change it with a newer one we can try to install a new updated ROM, like the one available with LineageOS; let's check the compatibility of our device with LineageOS from here -> LineageOS.
If an updated ROM is available for our device, we can follow one of the many guides on Google to unlock the bootloader (necessary to change ROM), install a new recovery and finally get LineageOS as an updated operating system.
ALSO READ: Secure your Android phone data in 10 ways


add a comment of How to protect Android from malware and malicious apps, viruses and spies
Comment sent successfully! We will review it in the next few hours.