Key Takeaways

  • Google Play Protect scans apps from the Play Store and unknown sources to ensure they are safe. Enable it in the Play Store settings for extra protection.
  • Avoid downloading apps from third-party stores or unknown sources to minimize the risk of downloading malicious apps or malware.
  • Check app permissions before installing to determine what data or features the app can access. Use the built-in Permission Manager or AppBrain for a comprehensive analysis.

The Google Play Store is not the only way to download Android apps. Third-party app stores give you access to apps that are not available on the Play Store, with some even claiming to offer paid apps for free. By sideloading these apps, you're potentially risking your personal data.

Sometimes, apps on the Play Store are not safe either. They can ask for a host of permissions to access data they don't strictly need and push ads to track you. While Google works hard to keep harmful apps out of Google Play, you should also take precautions at your end.

So, let's look at how to detect and avoid potentially dangerous apps on Android.

1. Use Google Play Protect

The Play Store is the safest place to browse and install Android apps. Google employs a variety of security mechanisms and ensures that the apps you download are safe. One such mechanism is Google Play Protect, which works in the background to scan apps from the Play Store as well as any you install from unknown sources.

To check the status of Play Protect on your device, open the Play Store, tap your display photo, and select Play Protect. Then check the status of Recently scanned apps and toggle the Improve harmful app detection option in its settings to send unknown apps to Google for further review, if you like.

In this way, it better protects you against the apps you sideload on your Android device.

2. Avoid Apps From Third-Party Stores and Unknown Sources

There might be certain situations where you'll have to take the sideloading or third-party app store route. For example, you might want an app that is not available on the Play Store in your region or want to install an older version of a particular app if the new one starts crashing or removes the features you need.

Generally, we'd recommend not installing apps from outside the Play Store as much as possible, although if you need to you should use the most reputable and safe sites for downloading APK files.

There are many other app stores out there and many of them don't even require developer registration for submitting apps. They often lack security controls, strict policies, and quality control, so it's easier to download malicious apps.

Lastly, if you're trying to get a cracked or modded version of an app, you'll only find them on dodgy websites and stores, and you'll never be sure if you're downloading malware instead of a legitimate APK. So, a rule of thumb: if it sounds too good to be true, it's best to steer clear of it.

3. Cross-Check App Permissions

Since Android Marshmallow, you grant apps individual permission to access certain data or features as needed. Before installing any app, you should take a complete look at the permissions the app wants.

At the bottom of every app's info page, you'll see a section labeled Permission details. But this is only a basic summary. It tells you what permissions the apps asks for, but not what it actually uses the permissions for.

That's where the built-in Permission manager comes in handy. This section of your Android phone's settings has all the components to which apps might ask for permission to access. You can tap on each component to get a list of apps having access to it. For example, tap on Camera to find the apps accessing the camera, and you can change the permission for each app from here.

Alternatively, go to AppBrain and enter an app name in the search box. Then click on the app's page to see an in-depth analysis. Take note of the app's age and last updated date, the frequency of updates, permissions the app uses, and ad networks the app uses.

Based on this information, you can decide whether to install or skip the app. AppBrain will also suggest related apps so you can find an alternative that has a good score and fewer permissions.

4. Review the App Listing Page

Checking whether an app does what it claims to do is a good way to weed out problematic apps. Sometimes, detecting abnormal behavior is not easy. A behavior considered malicious in one app may be a feature of another app. Pay close attention while taking a look through the app listing page and utilize these tips:

  • Instead of looking at the star rating, read the reviews and pay attention to what users are saying. Check the Critical and the Most recent reviews for the Latest version. Some developers buy fake reviews, but you can spot those generic praises.
  • The description should highlight and describe the key features of the app. Look for signs of professionalism, including proper sentence structure, clean grammar, and a lack of spelling errors. A reputed developer will usually explain major features instead of simply listing them, and most also include a feedback link.
  • The Play Store policy suggests that screenshots should show off the best and most essential features of your app. If the screenshot is stolen from the legitimate listing, showing more generalized images of the interface, that's a warning sign.
  • Take a quick look at when the app was released and how many people have downloaded it. A recently released app from a small developer should not have a huge number of downloads, and it indicates phony downloads.
  • Verify the developer's name right below the app's name. Check the other apps it has published, and if you see a single app (especially with a mismatch in the download count and published date), then beware.
  • To see if an app is a copycat, check the spelling. For example, WhatsApp Messenger is developed by WhatsApp LLC. If you see "WhatsUp" or "WhatzUp Messenger," run away!
  • If an app collects and transmits personal or sensitive user data in any way, then it has to declare so in the privacy policy. At the bottom of every app listing, there's a section labeled Privacy Policy. If there's no such section or a generic copy-pasted one, it's a red flag.

5. Always Install System Updates

Google releases monthly security updates for Android. Ideally, you should install the updates as soon as they arrive because they protect your device against specific vulnerabilities that malicious apps try to exploit.

However, not every mobile manufacturer releases timely updates. Thus, your buying decision with your next phone should consider whether the device will receive support for at least two years of major upgrades, plus periodic security updates.

This point is an extension of all the points listed above, but it's still pretty important. As a smartphone or internet user, it's ideal to develop a sense of identifying clickbait.

There are app and site developers out there who have identified certain needs of users, like converting a PDF to Excel format, and they use those very keywords as clickbait because a large number of people are searching for those terms. So, with their fake apps and links, they're usually getting paid for clicks or views, or they may be trying to hack you.

You can detect and avoid clickbait on your Android phone by following the tips we've mentioned, including the next one. However, we'd urge you to aim at making this skill second nature to stay safe in the wild, wild internet.

7. Use an Antivirus

The final tip is quite obvious yet often ignored. An antivirus app can help in case you forget to take your precautionary measures. It can act as your second line of defense. You have plenty of great free antivirus apps for Android that you can install. Most of these apps just require an initial setup, and they work in the background from there.

Avoid the Obvious Scam Apps

Google is doing its best to keep malicious apps away. It frequently tweaks the Store policy and bans apps that violate these guidelines. If you take the precautions discussed here, you're likely to stay safe.

These tips are a combination of automatic and manual steps so that it doesn't come across as a cumbersome task. Some of these tips will even become an instinct for you, requiring no conscious effort with time.