Android Smartphone apps leak banking & social logins!

Recent research [1] suggests that almost 8% of applications or 'Apps' on
Android smartphones fail to protect online logins for banking and social
media sites. These vulnerabilities mean that millions of people could be
at risk of unknowingly revealing their personal & financial data.

In contrast to 'malicious' apps, which are intentionally designed to
steal personal information, these security flaws have been discovered in
'benign' apps that have been created with the best of intentions. While
the developers of these apps will be looking to fix these
vulnerabilities I recommend taking some simple precautions to protect
yourself:

*Top Tips*!

Always be mindful of what services you access over unsecured WiFi in
coffee shops, train stations, libraries and other public places.

Remember that once data leaves your device over an 'open' connection
then it is no longer secure; this includes usernames and passwords.

If it is essential that you can be able to access sensitive accounts
such as your email or online banking over public WiFi, then you may want
to consider installing a VPN for your Android device.

Use different passwords for bank and credit card sites!

As always, when installing apps on your smartphone:-

Check the name of the software developer, this can be a giveaway for
malicious apps. For example the Facebook apps should be from "Facebook",
the Google Maps app from "Google Inc.", Angry Birds from "Rovio Mobile
Ltd". Applications from top developers will also have a blue badge next
to their name.

Check the number of downloads the apps have had. This gives you an
indication of how long it has been available and how many other people
have tested it. Generally it should be pretty safe to install apps which
have had over 10,000 downloads;

Check the star rating of the application. By sticking to apps with a
high rating, you can stay away from badly written malicious apps. Stick
to apps with a rating at least of 3 out of 5;

Find an official link. For sensitive apps such as online banking, it is
recommended to follow a link to the download page from your bank's
official website.

[1] http://www2.dcsec.uni-hannover.de/fi...d/p50-fahl.pdf

--