Have you ever counted the number of apps on your phone? How many of them came built in and how many did you download? Have you ever bothered to check what kind of permissions you ‘granted’ the apps before downloading them?

If you haven’t already, you must do a check, as you may be under ‘sneak’ attacks. These are launched by hackers hiding behind the apps that you have unwittingly downloaded.

Hackers seem to have added new tricks to their arsenal. There is a sharp increase in attacks from hidden apps on smart phones. The year 2020 could be the year of mobile sneak attacks, making it difficult for people to identify and address them, say experts.

In a threat forecast report for 2020, cyber security solutions firm McAfee said hidden apps have emerged as the most active mobile threat, generating nearly 50 per cent of all malicious activities in 2019. This was 30 per cent more than the previous year.

“Hidden apps take advantage of unsuspecting consumers in multiple ways, including taking advantage of consumers using third-party login services or serving unwanted ads,” said Venkat Krishnapur, Vice-President of Engineering and Managing Director, McAfee India.

Mobile devices turn vulnerable as they have become a part of people’s lives. “They are also amongst the easiest attack vectors for cyber criminals because consumer awareness towards the security of their devices and apps is low,” Krishnapur added.

“It’s highly advisable that consumers stay vigilant with regard to where they download applications from, what they click and also ensure they use the right security software on their devices, to enable detection and protection of their digital lives.”

‘Game’ fraud

Hackers also try to make a quick buck through popular games. “They spread links to malicious apps in gamer chat apps. These apps masquerade as genuine ones with icons that closely mimic those of the real apps but serve unwanted ads and collect user data,” said Krishnapur.

McAfee said all popular apps, such as FaceApp and Spotify, have fake versions, which hackers use to prey on unsuspecting consumers.

“Ratings and reviews have a significant impact on an app’s ranking, so generating fake reviews is becoming another way of monetising cybercrime. A new malware family, called LeifAccess or Shopper, takes advantage of the accessibility features in Android to create accounts, download apps, and post reviews,” said Raj Samani, McAfee Fellow, Chief Scientist.

How to be safe

McAfee advises users to do some research about the app developer and the source before downloading an app. “Many of these have been flagged by other users,” it said.

It also asks people to read reviews carefully. Watch out for reviews that reuse the same simple phrases. If you find come common phrases, chances are the app in question is malicious.

Both operating systems and apps should be frequently updated so that they have the latest fixes and security protections.