Most messaging apps today are relatively safe since they use encryption when sending messages. On iOS, this fact makes such applications really quite reliable. However, it’s worth remembering that the user may face an attack on the device or an attempt by attackers to infect it. That’s why, on Android, the situation is a bit different, since, for example, there is a built-in Accessibility Service. Attackers are known to have exploited the capabilities of this service in order to collect user data. In particular, last year, we discovered stalkerware that could receive the text of incoming and outgoing messages from instant messengers using this standard function.
That’s why, in order to protect your data, we recommend that mobile device users adhere to the following rules:
• Don’t download messengers and other programs from third-party sources. Use only official application marketplaces.
• If possible, acquaint yourself with the user agreement. There are situations when the developer of the app openly warns that they may share user data with third-parties.
• Do not follow suspicious links from messages, even if they were sent to you by your friends.
• Use security solutions when possible on your mobile devices.
• Pay attention to which permissions downloaded applications request. If the requested permission is not necessary for the full functioning of the application, then there is a reason to be wary. For example, the flashlight app clearly doesn’t need access to the microphone.