Applications and extensions are a great way to add new capabilities and innovations to your devices. From the online shopping app on your phone to the task-manager on your Chrome browser, you can download tools to do just about anything. These tools are often found on sites we trust, like the Apple App Store, Google Play, Chrome, etc. However, due to the sheer volume of apps being uploaded every day, there isn’t complete regulation on the cybersecurity, privacy and safety of applications and extensions.
How do I tell the difference between a safe app or extension and a malicious one?
Check the reviews – Credible applications will have extensive positive reviews from real users. Even if an app has five-star ratings, check to see how many and who they’re from. Malicious app-developers can pay for bots to review their app in order to fake credibility. If you see lots of positive reviews that look like they’re from real users, it’s a good sign.
Ask for recommendations – We’re all living in the digital age! If you’re looking for a specific tool, ask your friends and family what applications they recommend, or do a quick Google search to find highly recommended tools.
Look at the developer’s website – You can find the developer name directly under the name of the extension and you can usually find more information about the developer by clicking the name.
What happens if I’ve downloaded an unsafe app or extension?
Unsafe applications and extensions can infect your device with malware. Malware is any type of malicious software designed to do damage to your device or network. Examples of malware include viruses, worms, trojans, rootkits and keyloggers. Malware can make your device run less efficiently and can cause a serious breach to your private data.
While it may not be considered “malicious”, it is important to consider the privacy risks of legitimate applications as well. Often, apps will have automatic permission-settings that will allow them to take more data than what you may be comfortable with. Go into the settings of your smartphone to adjust the permissions of each individual app, and adjust your Chrome app and extension permissions.
What do I do to recover?
When malicious software is downloaded on your device, don’t panic. FightCybercrime.org covers a list of immediate action steps for recovery from a virus/malware:
- Disconnect the infected device from the internet and business network. This will help stop the spread of malware to other devices on your network.
- Identify where the infection originated from. This will help you to understand what type of malware you’re dealing with and how it got onto your system. If you can’t identify the source, you can use a malware removal tool to scan your system.
- The virus may only be present in a program you recently installed. First, uninstall recent apps and remove new browser extensions.
- Restart the device in safe mode. To learn how to restart your specific device in safe mode, go to the device manufacturer’s support site.
- Run a full system scan to check if your device is infected. If a virus is found, delete the file(s).
- Rescan your device to check for additional threats. If additional threats are found, delete those files too.
- Once the scan comes back clean, restart your device. It no longer needs to be in safe mode.
- Change your passwords in case they were compromised.
- Update your operating system, software and browser. These updates will patch security vulnerabilities to help protect your data.
After you follow the steps mentioned above, it’s important to report the incident. You can report a malicious app within the Apple App Store or Google Play by going to the app and flagging it as spam. Report cybercrime incidents to the FBI/IC3; these reports are crucial to national cybercrime data-collection efforts. Collecting information about the scope and impact of cybercrime helps address cybercrime as a whole.
For more information about how to recover from malicious applications and extensions, visit FightCybercrime.org.