Getting a computer virus can be a disaster, but can phones get viruses too? Find out how malware and other security threats can endanger your mobile device, and learn how to protect the data on your iPhone or Android phone from malicious software.
This article contains:
Criminals take advantage of vulnerabilities in out-of-date operating systems or browsers to target your phone, or exploit weaknesses in Wi-Fi networks. Alternatively, they might try to con you into accepting malware by downloading a fake app or by clicking a link in a bogus text message or email, or on a dubious website.
There’s a lot to be aware of, and the techniques and tactics that criminals use are evolving all the time.
Put simply, a virus is a type of malware, and malware is a type of threat.
But these terms are often used loosely. It’s not unusual to hear all types of malware referred to as “viruses”. And you can find articles online where a security threat to your phone that doesn’t involve harmful software is described as a “virus” or “malware”.
To get a better idea of the difference between the three terms, let's look at them one by one:
A virus, as we mentioned above, is a specific type of malware that copies itself by inserting its code into other programs or your operating system.
Malware is the general name for any kind of harmful software, including viruses.
A threat is the catch-all term for any kind of security risk to your phone, including mobile phone malware.
While you're not likely to catch a phone virus, there's a much higher risk of your phone being infected by other kinds of malware. The most common ways that malware gets onto your iPhone or Android device are:
Downloading apps to your phone
Downloading message attachments from an email or SMS
Downloading content to your phone from the internet
Connecting your phone to another device
Downloading a malicious app is the most common way for Android malware to get onto your phone. For iPhone users, app-based malware is much rarer but may still be a risk.
Android phones are more vulnerable to malicious apps than iPhones because, unlike Apple, Google allows the downloading of apps from sources other than the official Google Play app store. By default, though, Android disables the downloading of apps from other sources. Don’t change this setting unless you’re sure you know what you’re doing.
Google and Apple are occasionally tricked into hosting malicious apps, so you should be cautious even if you’re downloading from Google Play or the App Store. The best way to avoid downloading a malicious app to your phone is to do a little research. Ask yourself these three questions:
Is the app popular?
If an Android or iOS application has thousands or even millions of users, there’s a very good chance it’s legit. Check, for example, how many times an application has been downloaded from the Google Play Store or the App Store.
Does the app have good reviews?
Take the time to read an app’s reviews on the Google Play Store or the App Store. Are they positive? Do they sound like they’ve been written by a genuine user? Cybercriminals often post short, fake reviews to try to trick you into downloading an app containing malware.
What other apps has the developer created?
Genuine app developers often create more than one app. If they have, read the reviews of those apps too. If not, be wary.
Stay on the lookout for potential risks after you’ve downloaded an app to your phone. Signs that an app could be used to deliver malware or some other type of threat include:
If a phone app asks you to download an urgent security update, stop, think and do a little Googling. Have other users downloaded this update? Were they happy with the result? If not, don’t download it.
Poor-quality look and feel
Does the phone app you downloaded look and behave like a professional app? Spelling mistakes, badly reproduced logos, and poorly designed interfaces are all signs pointing towards a fake app that delivers viruses, malware or other threats.
If you think your iPhone or Android device has been compromised, you’ll probably need to perform a virus scan.
There’s a relatively simple way to find malicious apps and remove viruses from an Android phone. First, run a virus scan, such as Avast Mobile Security for Android, to resolve any immediate threats, then manually uninstall the malicious apps.
It’s essentially impossible for a virus to break into the iPhone’s iOS operating system. The only way a hacker can get malware onto an iPhone is through software downloaded from outside the official iOS App Store, on a device modified to avoid Apple’s normal download restrictions. This modification is known as “jailbreaking”.
The most common route by which malware might infect an iPhone is for hackers to target a set of tools known as a software development kit (SDK). An SDK allows the owner of a jailbroken iPhone to create and install unofficial apps on their device but can make iPhones more vulnerable to malware.
Finding and removing malicious apps and viruses from an iPhone is relatively straightforward. First, remove any suspicious apps or SDKs, then simply clear your phone’s history and data, and restart. (If that doesn’t work, try restoring your phone from an earlier backup or, as a last resort, restoring your phone as a new device.)
Text messages are just one of the ways that criminals try to persuade people to download malware.
Simply opening and reading an SMS text message is unlikely to infect your phone, but you can get a virus or malware if you download an infected attachment or click a link to a compromised website.
If in doubt, avoid downloading any unknown attachments or clicking any strange links, and delete the messages that contain them from your phone.
A questionable email alone is unlikely to infect your phone, but you can get malware from opening an email on your phone if you actively accept or trigger a download.
As with text messages, the damage is done when you download an infected attachment from an email or click a link to a malicious website.
Clicking dubious links on web pages or even on malicious advertisements (sometimes known as “malvertisements”) can download malware to your cell phone.
Similarly, downloading software from these websites can also lead to malware being installed on your Android phone or iPhone.
Sometimes you don’t even need to click a link or download button on a malicious website for your Android or iPhone to be compromised. A website that contains a “drive-by download” can take advantage of vulnerabilities in your mobile phone’s operating system, web browser or app to install malicious code.
Once on your phone, the drive-by download’s only job is to contact another computer and download the rest of the code needed to launch a cyberattack.
The good news is that protecting yourself against drive-by downloads is usually a case of taking some simple precautions:
Avoid clicking sketchy links or visiting suspicious websites
The most obvious way to avoid drive-by downloads is to stay away from websites that harbor malware. That’s sometimes easier said than done but it’s a good idea to be skeptical of links in unsolicited emails or text messages, or in social media posts from unfamiliar sources.
Keep your phone software updated
Drive-by downloads only work if there’s a security flaw in your mobile phone’s operating system or web browser, or in an app you use. Once identified, those vulnerabilities are usually fixed in updates, so make sure you keep your phone’s software current to avoid drive-by downloads.
Install an antivirus app on your phone
A good free antivirus app, such as Avast Mobile Security for Android or Avast Mobile Security for iOS, can help prevent drive-by downloads and, if worst comes to the worst, can help find and remove malware from your phone.
Knowing what a virus can do to your phone can help you prevent and detect problems with malware.
Different types of malware affect iPhones and Android phones in different ways, but often, the goal is to steal sensitive data.
Hackers can use malware to collect personal information when you use your cell phone to write text messages or emails, or when you fill out online forms. Malware can even record your voice calls and send those recordings to hackers, in the hope of revealing information they can exploit for financial gain.
Another common scam is using malware to send text messages to premium-rate telephone numbers from a victim’s phone, often without their knowledge. The victim pays the bill; the scammers pocket the money.
Malware can also have a negative impact on your phone’s performance, slowing down your device and making everyday use unbearable.
Types of attack can vary across mobile phone operating systems, so read on for Android- and iPhone-specific advice.
Android phones are at greater risk of being infected with malware, mainly because Google allows Android users more freedom than Apple gives to iOS users.
As we’ve mentioned, Google allows Android users to download apps from outside the official app store, which can open the door to malware.
Also, because many mobile phone manufacturers customize the Android operating system to suit their own requirements, it’s more difficult for Google to ensure that all its users are using the most secure version of the Android OS. Important security updates can take months to roll out to Android customers, leaving phones exposed.
Signs that your Android phone might be infected with malware, virus or another type of threat include:
Unfamiliar apps suddenly appearing on your phone
Apps crashing more often than usual
Big increases in the amount of mobile data that your phone is using
Your phone battery draining more quickly than usual
Your phone overheating
If you think your Android phone has been infected with a virus or other malware, a mobile security app is your chief ally.
Run an antivirus scan then follow the instructions on how to detect and remove an Android virus.
We now use our Android phones in virtually every aspect of our lives, making them an increasingly attractive target for hackers, virus-writers and other cybercriminals.
With so much valuable information at risk, it makes sense to have an additional layer of security and install virus protection for your phone. It’s not always possible to recognize and react to every threat your phone faces, and the default protection offered by the Android operating system is often slow to update.
A trusted mobile security app like our free Avast Mobile Security for Android is an essential tool for keeping your phone safe from harmful viruses and other malicious software.
Malware is rare on iPhones, but the idea that Apple’s iOS operating system is entirely immune to malicious attacks is mistaken. Sensible precautions are needed to protect yourself from other threats.
Phishing attacks, for example, are more common than iOS malware. One technique uses bogus pop-up ads in an attempt to persuade iPhone users that their phone is infected and they must download additional (malicious) software to fix the problem.
Signs that your iPhone might be infected with malware, a virus or some other type of security threat include:
Frequent pop-up adverts, often disguised as system warnings
Apps crashing more often than usual
Big increases in the amount of mobile data that your phone is using
If you suspect your iPhone has been compromised by an external security threat, the best advice is to simply uninstall any software you think might be to blame.
As we already mentioned, removing malware and viruses from an iPhone is relatively straightforward because it’s virtually impossible for a virus to infect the iPhone’s iOS operating system.
Normally, you’ll just need to delete any unwanted apps or downloads, then clear your phone’s history and data, and restart. A good iPhone antivirus app, such as Avast Mobile Security for iOS, will guide you through the process.
To keep your iPhone safe every time you go online, we recommend Avast Mobile Security for iOS, a free suite of tools that gives iPhone users the security they need.
While not technically an “antivirus,” Avast Mobile Security for iOS keeps your iPhone protected from all the threats you’re likely to encounter.
Features include the ability to check the security of the wi-fi network you’re using, and to keep your passwords and photos safe from intruders.