Free apps not free of creepware


Don’t have a built-in calculator on your phone? There’s an app for that. Need a flashlight? There’s an app for that, too.

You have probably downloaded apps for Facebook, Twitter, Instagram, games and utilities to make your daily life easier.

As easy as it is to download and use these convenient apps, it’s just as easy for viruses, worms and Trojan horses to take over your phone. These malicious codes are known as malware.

The malware that unsuspecting phone users should be worried about is called creepware. This type of malware spies on your online behavior and tracks your exact location, then passes on that information to third parties like advertising networks.

“Most free flashlight apps are creepware,” said Gary S. Miliefsky, CEO of Snoopwall, a company that specializes in cybersecurity.

In 2013, Goldenshores Technology agreed to settle Federal Trade Commission charges against the company’s “Brightest Flashlight Free” app for secretly supplying cellphone locations to third parties.

The FTC complaint alleged the company failed to tell consumers that their precise location would be passed on to third parties and advertising networks.

Even when consumers were given the option to “accept” or “refuse” terms and conditions, private information was still passed on no matter which option they chose.

“Consumers trust first and verify never,” Miliefsky said. “As a result, most of their smartphones are infected with malware that they trust in the form of some useful app or game.”

Pima Community College student Kyle Fruechtenicht has only downloaded the Facebook, Twitter and Instagram apps. His calculator and flashlight were built into his phone.

He believes the built-in apps were an intentional precaution.

“I think developers did it to protect themselves and to protect the customer,” Fruechtenicht said.

Miliefsky and Rob Shimonski, author of “Cyber Reconnaissance, Surveillance and Defense” have outlined tips on protecting your phone and privacy:

• Assume you’ve already been compromised. One red flag is seeing multiple advertisements pop up while using an app, then seeing the same advertisements in your spam inbox.

• Verify the behavior and privacy risks for apps before installing them. Is an app that requires access to your GPS pinpoints, microphone, webcam and contacts a necessity?

• Do a smartphone version of spring cleaning. Delete all apps that you don’t use often or find alternatives that don’t demand so much access to your personal information.

• Turn off Wifi, Bluetooth, Near Field Communication and GPS except when you need them. If you check in on Facebook while sitting at a coffee shop or shopping at the mall, you are leaving yourself vulnerable to an attack from hackers.

• Control the amount of information you share on sites that use geomapping and geolocation, such as social media sites.

• Check to see if your email has put a tracer on you and your phone. Even when your GPS is off, your every move is still being tracked. Simply go to “settings” > “location” > “Google location reporting.” Set “location history” to turn off the tracking feature.

• Limit your personal information, such as your home address and full name, when you sign up for accounts.

Fortunately, Fruechtenicht can say he’s yet to experience being hacked, but he is still cautious.

“It’s an invasion of privacy because you’re not giving consent to that person,” Fruechtenicht said. “But at the same time, if you downloaded an app and you agreed to whatever terms, then you kind of gave away your privacy, because you accepted it.”

Pg07-Zack drawing-Modern horrors weekly
(Aztec Press illustration by Zack Ledesma)


Leave a Reply

Your email address will not be published. Required fields are marked *