A Beginner's Guide To Understanding Madware

In recent years, as the work-life balance seems to have blurred together, many employees now use their personal devices for work.

Fully 75 percent of employees said they used their personal cell phones to perform work activities, according to Zippia’s research team. 

However, doing so presents a number of cybersecurity risks, including the threat of madware.

What Is Madware?

Madware is a combination of the words mobile and adware.

Adware is unwelcome software that infiltrates a computer and serves up annoying advertising materials.

By extension, mobile adware is intrusive advertising on a smartphone or tablet.

Currently, most madware exists for Android smartphones and tablets due to Android’s open platform and its worldwide market share — approximately 72% of mobile operating systems are Android.

While iOS devices still susceptible to madware, it’s more likely to infect Android devices. 

How Do You Get Madware On Your Phone?

The most likely method to get madware on your device is by downloading a free app from an app store. 

Then, the madware may use that app to install itself onto your device. 

Once installed, madware creators hope you’ll click on an advertisement, whether that’s on purpose or on accident.

When you click on madware, madware creators get paid by how many views the ad gets, how many clicks the ad gets, or how many times the software is added to a device. 

How Does Madware Affect My Phone?

Madware affects phones in a number of dizzying ways.

First, it’s important to note that adware—and by extension, madware—is not a virus. 

However, madware can slow down your phone and make it prone to crashing, snarling workplace efficiency and potentially exposing your network to other threats.

Madware can also tag team with its cyberthreat counterpart, spyware, to report your information to a third party. 

Together, madware and spyware can:

• Collect user data, including location and search history, and anything else you type on your keyboard.
• Display unwanted ads in your notification bar.
• Add icons or shortcuts to your screen.
• Replace your ringtone with an audio ad.

Finally, madware can charge you more than you wish for data and text messaging. 

The madware may send you text messages that prompt you to click the link and further infect your phone.

What Can You Do About Madware?

As with any cyberthreat, the best protection is prevention.

That’s why we recommend including madware as a topic in your security awareness training.

The following tips should help prevent the spread of malware amongst your colleagues.

• Be cautious about installing new apps. Only install apps that can be downloaded from an official app store. This includes the Apple App Store, Google Play, or a corporate app store.
• Don’t click pop-up ads. Sites or apps that include pop-up ads are often looking to inject madware onto your device.
• Read the terms & conditions during app installation. You may need to explicitly opt out of the ads you receive as part of the app you’re downloading. 
• Read reviews before downloading. Check these reviews to see whether anyone had any negative experiences with regard to an app’s ads. 
• Don’t click attachments or links in email unless you know the sender. One of the most common ways SMBs fall victim to a cybersecurity breach is through email. This strategy, called phishing, is routinely at the top of the list for reasons for a breach. This is especially risky for BYOD users who may be performing personal activities in addition to business functions on their phone.
• Keep your systems and apps up to date. Hackers may exploit old vulnerabilities in your operating system or apps.

If you suspect madware has been installed on your personal device as a result of business usage, check with your IT team on endpoint detection & response programs that can be used to clean it up. 

As you work to understand your business’ policies on using personal mobile devices for work purposes, keep madware in mind as a potential cybersecurity threat. 

Work with your internal team to account for mobile adware, or work with an IT partner such as Integrity to support your team.

Still not sure how secure your organization’s data is? Download your complimentary, 20-point data security checklist today!

Integrity is a managed security service provider, specializing in compliance and working with regulated businesses and organizations. Integrity features a fully staffed help desk that provides immediate response and support, a dedicated information security team, and a C-suite of experienced technology advisement resources ready to help your business. Learn more about what we offer and what it’s like to work with us here.