Some applications for Android phones and iPhone (iOS) may, eventually, have access to more information than we like. Apps are already part of everyday life for many people and, to use them, it may be necessary to enable some data permissions. Scandals involving big software, such as Facebook, WhatsApp and even companies like Google, gain space in the headlines from time to time when it comes to privacy.
READ: Apple the most used brand in scams during quarantine
Check out the following list of eight ways in which mobile applications can collect user data. Also see what to do to prevent personal information from being exposed unnecessarily, as well as how to protect yourself when necessary.
See different ways in which apps can access your data and learn how to protect yourself Photo: Luciana Maline / dnetc
Want to buy cell phones, TV and other discounted products? Meet Compare dnetc
Stalkerwares or spyware are types of spy applications that, when installed, are able to pass on personal information to third parties. All actions performed by the user on the cell phone can be observed by someone else, be it a jealous partner or a criminal. Malicious applications like these need physical access to the cell phone to be installed, but it is also possible to enable it remotely by phishing scams.
Phishing is a scam used primarily to steal information from victims, such as credit card numbers and passwords. In such malicious software, suspicious activity occurs when malware is accompanied by another application, being able to infect the device and leaving personal information exposed.
Spy apps are malicious software that steal information from victims Photo: Pond5
Spyware and stalkerware are difficult to detect software, but some tips can be followed and observed by users who suspect malware infection, since the number of attacks caused by this type of application grew by 228% in Brazil in 2019. When installed, the software can have potential access to all information saved on the cell phone, including photo gallery, bank passwords, social media conversations, Internet search history and, in some cases, access to the smartphone's camera and microphone.
A survey conducted by the company Statista in 2018 concluded that 22% of Internet users in the United States have had their online accounts hacked once, and that 14% have had their accounts hacked on more than one occasion. Every day, hackers and cybercriminals discover new ways to hack users' online accounts to steal information.
New scam modalities include "cloned WhatsApp", and do not necessarily use malware or viruses. Criminals are able to clone a user's messenger account by posing as representatives of well-known companies, using the application's verification code. In another modality, hackers are able to circumvent the identity verification mechanism of the telephone operators by cloning the device's chip and having access to messenger accounts like WhatsApp.
Messages sent by criminals to try to clone WhatsApp Photo: Reproduo / Kaspersky Lab
Some actions can prevent cloning and hacking of online accounts, such as avoiding clicking on suspicious links received by WhatsApp, e-mail or SMS, as they may be phishing scams. In addition, it is important not to use the same password on different accounts, in addition to enabling two-factor verification for account login.
Applications downloaded on Android need some permissions to be accepted in order to run. However, it is necessary for the user to pay attention and be careful or at least suspect some doubtful permissions, especially those that completely escape the proposal of the app in question.
Some fake apps available on the Google Play Store can serve as phishing to infect your device with malware, or the developer behind the app can profit from using adware. Therefore, I need to be careful when enabling the permissions suggested by an app, as well as being careful when registering information on the platform, such as addresses and credit card numbers.
Check and review permissions enabled on applications installed on your phone Photo: Bruno De Blasi / dnetc
Another danger that apps created on the same development base can enable permissions on a shared basis: if you have denied an app permission, but enabled tuning on some other program created on the same software development kit (SDK), it is possible that both applications have access to your information, even if they have no apparent relationship.
4. Bugs and vulnerabilities
The operating systems of mobile phones should be updated whenever the manufacturers release new versions, for the correction of bugs and security flaws. Failure to keep the system up to date can leave you subject to a number of threats and possible break-ins.
A recent bug in the Facebook app for iPhone with iOS 13.2.2 caused the phone's camera to turn on in the background when users used the app, which raised a number of questions about espionage. The flaw has now been corrected. Months earlier, another bug exposed credit card data from iPhone users with iOS 13.
5. Fake apps that impersonate other services
Last week, with the disclosure of the Caixa application for transfers referring to Emergency Aid, a series of fake applications were discovered from the Play Store. Among them, the fake app "Emergency Aid 2020" already had more than 150 thousand downloads before it was removed from the platform.
This type of fake application is not always malicious or composed of malware, since the form of profit of the developer is usually based on the use of adware, according to information provided by Emilio Simoni, director of the dfndr lab, a laboratory specializing in digital security at PSafe. However, any information registered on the platform can be sent directly to the cybercriminal, which can result in improper registration on other platforms.
Functions involving the privacy of users arouse controversies on social networks Photo: Nicolly Vimercate / dnetc
6. Functions of the application itself
There are also discussions about alleged privacy violations promoted by the main apps and social networks, since some tools made available by WhatsApp, Instagram, Facebook and Twitter cannot be disabled. WhatsApp's "last seen" is one of them. The function can be hidden, but seen by many users as an invasion of privacy, since it shows the exact time of the last use of the application.
Facebook has also suffered criticism regarding user tags in photos, as the facial recognition feature did not warn when the user was tagged in a publication. However, it is possible to disable the function.
In addition to it, the function that showed the likes distributed by friends on Instagram also proved to be controversial, since it could not be hidden. On Twitter, users complain about the visibility of favorite tutes, which are available in the user's timeline, and not in a separate profile tab, as before.
How to remove viruses on an Android phone