MOBILE APPS: Stealing Your Information

MOBILE APPS: Stealing Your Information

Alex saw a new app on google play-store, was attracted by the look and feel, downloaded without going through the “Security Permissions”. Since then he has been getting notifications of someone trying to use his email, phone number, etc., for one transaction or the other. Little did he know that he gave the app permission to view his contact details, use his identity. Actually he is being hacked through the free app he downloaded, unknowing to him.

These days so many mobile apps exist on several sites and app stores, to be downloaded for free or at a price; and to enable the app to work on your device, it requires access the phones location, call service and contacts etc. Example, we always see this kind of message before installing an app on our device;

This app requires access to:

Device & app history

Allows the app to view one or more of: information about activity on the device, which apps are running, browsing history and bookmarks

Identity

Uses one or more of: accounts on the device, profile data

Contacts

Uses contact information

Location

Uses the device's location

SMS

Uses one or more of: SMS, MMS. Charges may apply.

Phone

Uses one or more of: phone, call log. Charges may apply.

Photos/Media/Files

Uses one or more of: files on the device such as images, videos, or audio, the device's external storage

Device ID & call information

Allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call

Other

update component usage statistics

receive data from Internet

Funny enough, much users like "Alex" don’t bother to read EULA's (End User Licensing Agreement), they just tap and scroll down to “Accept and Download”, and they often fall victim to fraudulent app developers. So if you should install any app on your device, please don’t be in a hurry to ignore the "Terms and Condition", "Security Permission", before you proceed, cos you may just be “shooting yourself on the foot”. Although, some may be genuine, others may be not, and what baffles me is that these apps don’t just request for permission, they actually demand for permission, such that you can’t edit it, or make your choice, the only option you have is either “accept” or “reject”. Some apps are very tricky, at first they will not demand for much access to personal information, but later on, probably after an update, they will demand for accesses like crazy, without even the user getting to know. Others even requires you to fill in personal data before you get to the download link. BE-WISE! BE-AWARE!