[GUIDE] How To Avoid Malware

B. Diddy

Senior Ambassador
Mar 9, 2012
Visit site
Let's face it, malware is a fact of life. As long as there are personal mobile devices, there will be worthless shambling piles of meat that will try their best to exploit them for unscrupulous financial gain or worse. But contrary to what all of those urgent and breathless articles about the latest Android malware threats would want you to believe, it's still highly unlikely that the average Android user will fall prey to them. You can reduce your risk further by following some basic guidelines to avoid malware:

1. Avoid shady websites that deal with things like porn, gambling, and "free" (aka pirated) apps/music/movies.

2. Rely on trustworthy app sources like the Google Play Store, Amazon Appstore, or Samsung Galaxy Store. Their malware vetting may not be perfect, but it will be much better than smaller, more obscure app sources.

3. Be extremely careful with sites that offer APK files for download. Apart from the fact that many of these APK files are illegal (i.e., trying to get around a payment requirement), they're also high risk for containing malware as well, and the sites that offer them typically don't screen for it. (The one exception I can think of would be APKMirror, which is run by the folks at Android Police.) Obviously, APK files offered by the actual developer on their own site should be safe (as long as you trust that developer).

4. NEVER tap on a link or agree to install an app that is presented to you in a browser popup or in an SMS message from an unknown contact, since that's a favorite way for scammers to lure you into installing something. If the app in question looks interesting, search for it directly in the Play Store and learn more about it there.

5. As a precaution to prevent accidental app installation from sources besides the Play Store, turn off the ability for apps from unknown sources to be installed. Go to Settings>Apps>Advanced>Special App Access>Install Unknown Apps, and make sure it's turned off for all apps. You can always turn it back on temporarily if you have to install an app outside of the Play Store that you know is reliable.

6. 3rd party anti-malware/antivirus apps are mostly unnecessary, and can potentially bog down your system as well. The more obscure ones also carry the risk of being malicious in themselves, or at least cram tons of ads and unwanted extra "features" into your phone. Instead, make sure Google Play Protect is turned on in Settings>Security; you can also find it in the Play Store app's own menu. This allows Google to scan your phone regularly for known malicious apps, and will prevent any malicious apps from being installed.​

As mentioned above, although Google does a good job screening for malware in the Play Store, there will still be some bad actors that squeak through. Here are some tips to spot an app that is higher risk for malware:

7. Read the reviews. Look for unusually glowing and effusive reviews without any real details, especially if many of the reviews seem to have the same general wording -- those are most likely fake. Also look at the 1 and 2 star reviews for any rational complaints about issues like intrusive ads, sneaky hidden features, etc.

8. Check the permissions. Ask yourself if the permissions that the app requests make sense for what the app does. For example, why would a flashlight app need permission to access your files/storage? An app that requests a whole laundry list of permissions is a red flag -- but a good developer will explain why certain permissions are needed. For example, a flashlight app will always need Camera permission, because the LED flash (which is used as the flashlight) is part of the Camera module. You can see the permissions an app requests in the app's Play Store page, in the About This Game section (scroll all the way to the bottom)

9. If you're looking for a specific app, make sure you're not installing a knockoff app. For every Minecraft in the Play Store, there will be dozens of absolutely terrible and possibly shady ripoffs, using names and icons that are very similar. Sometimes the app name is a long mishmash of popular/trendy terms, like "Ultimate Racing Fast & Furious Drifting Forza GTR Shaw & Hobbes 2021 Best Driving Game Ever" -- avoid that one like the plague. A couple rules of thumb: the quality of an app is often inversely proportional to the length of its name, and any app that insists in its own name that it's "Best" is probably far from it.​
Last edited:
  • Like
Reactions: f23948

Forum statistics

Latest member