Cybercriminals work hard to exploit vulnerabilities in the way software works, and trick people into providing their personal information. One of the most common ways of doing this is to use malicious websites and applications, either for your computer or your phone. By posing as an existing app or aping its features, criminals can trick you into thinking they are legitimate, and use this to harvest your data.

Most of the websites you visit and applications you download will be safe, but looks can be deceptive, and some that appear safe are not what they first seem to be. Here are some simple tips on how to avoid these malicious websites and apps, and keep your data safe as you use your devices.

How malicious sites and apps work

Malicious websites designed to steal user data have become a widespread problem. In January 2021, Google counted over 2 million ‘phishing’ websites – sites which pose as established brands in order to trick you into entering private information. Apps can work in much the same way, except with the added danger that they often ask for permission to access different features on your phone, which can give them even more data.

Some malicious websites also try to install harmful malware on your device. This often poses as a useful utility such as a ‘disk cleaner’, but is actually a way to harvest your sensitive information, or use your computer to complete tasks such as cryptocurrency mining. This malware can slow your computer down dramatically and cause irritating popups, as well as compromising your personal information.

Other software known as ransomware can hold your documents and data to ransom, demanding that you pay the cybercriminals money in order to get them back. Websites can even install malicious software on your device as a ‘drive-by’ download, entirely without your consent or knowledge. While many of these sites and apps are not linked to from official app stores or major sites, some still slip through the net, meaning that you have to be extremely vigilant.

How to avoid malicious sites and apps

Fortunately, you can stay safe from malicious websites and applications by following a few simple steps:

• Only install applications from official application stores like Google Play, the Apple App Store and the Amazon Appstore. If installing a third-party app store like the Amazon Appstore, make sure you get it from Amazon’s own app or website.
• Before you download or install anything, consider whether you can trust that the site is safe. Check the URL to make sure it’s correct, and look for the lock icon in the top left of your browser’s address bar to make sure the site is secure.
• Ensure you’ve updated your operating system and apps with the latest security patches, as malicious sites and apps can exploit vulnerabilities in these to capture your data.
• Read reviews of apps before installing them, and avoid apps with low scores.
• Avoid suspicious and high-risk sites such as gambling and adult entertainment sites. Never download anything from these sites, particularly in an archive or .exe format!

Look out for and avoid:

• App Store reviews and strange app descriptions. A genuine app will have lots of reviews and ratings left by users, and a detailed description about how the app works. There’s usually safety in numbers – an app that’s been downloaded and reviewed thousands of times can normally be relied upon, even if you haven’t heard of it.
• Look for the checkmark. Most app stores have a list of official, authorised developers with checkmarks next to their name, similar to Twitter or Instagram verified users. These will help to you identify major developers such as Apple or Microsoft.
• Address common mobile vulnerabilities. Mobile devices can be more susceptible to malicious apps and other kinds of security threats. Be extra vigilant on mobile, and avoid any dodgy websites, as mobile browsers are less able to recognise and combat them.
• Check for higher-than-usual data usage. Malicious apps often use your mobile data to perform sketchy tasks in the background without your knowledge. If you see that you’ve used a lot of data and don’t know why, a dodgy app may be to blame.
• Check your monthly data usage in your settings, or install a dedicated data monitor. You can always cap your data usage temporarily to stop these apps performing tasks and communicating in the background, until you can identify and uninstall them.

—

Malicious websites can cause serious harm to the safety of an organisation’s data and systems as well as those of individuals. Many of us take our personal devices into work, or use work devices for personal pursuits – putting work and home networks at risk when we connect to them.

Protecting against this requires good knowledge of internet browsing, but also a great deal of common sense and simple attentiveness. With the guide above, you can start to spot the dangers and hear the alarm bells when it comes to malicious sites and apps, and put the right tools and technologies in place to protect your devices.

If you are ever in doubt about a site you’ve visited or an app you’ve installed, it’s always best to let your IT support team know as soon as possible. For further guidance on staying safe online and protecting your devices or networks, don’t hesitate to contact the team at Sota today.