Mobile malware is gradually becoming a growing concern among smartphone users, because of the fact that a smartphone is not just a phone – it is a logbook which contains all the details about your online identity. Your email account password, bank details, Google Checkout information, PayPal account, Facebook, Twitter, YouTube – oh my!
Just imagine the scenario if anyone gets to access all this information through your hacked Android phone. A malware affected phone can have serious consequences, e.g. a spyware running on infected devices can collect your personal information and send it to eavesdroppers. Once your private information is tapped, the hacker can compromise your email accounts, empty your inbox and read all the archived email conversations.
This is just one example, there are other instances when a malware can delete all the data from your SD card or completely brick your device.
Here is a report  which claims that more than 250,000 users were a victim of Android malware in the year 2011. Some noteworthy stats:
So how do you ensure that your Android phone stays clean and free from malware, spyware, rootkits and other online security threats. Here are some best practices, tips, do’s and don’ts every Android user should know:
1. Make sure the OS / Software is up to date and that you have installed the latest firmware: An updated operating system acts as the white blood cell of your device and protects it from infected applications or third party hack attempts. From time to time, check if a software upgrade is available or whether you need to update your device to its latest firmware . If you don’t know how to do this, seek help from someone whom you can trust.
Tip: Never drop your phone to a local shop/vendor for upgrading the software or firmware. On some occasions, these are the sources who infect your phone in order to reap recurring monetary advantage.
2. Do not install applications from third party apps or through .APK files: Always install applications from the Android market  and avoid third party download sites. It is a good practice not to install applications through .APK files because the code of an APK file is completely unknown to everyone. It can only be read once it is installed and by the time it is installed, it might do the damage in the backyard.
3. Read reviews and user comments before you hit “Install”: Before you hit the “Download” button on any app install page, scroll down to the user reviews section. Read what people are saying about the application and cross check the public profile of the publisher. Is this developer new to the market? How many apps has he developed? How many people have downloaded his application and how many positive reviews his app has received?
It is also a good idea to Google the name of the application and check whether it has received reviews from popular technology blogs and forums. Remember to investigate other applications developed by the same publisher or company.
5. Be careful while using a public Wi-Fi connection: When you are using a public Wi-Fi connection (e.g a restaurant, airport or a library), make limited internet activities on your Android. It is highly recommended to turn off sync and close all running applications which you are not using at that moment. There are a slew of malicious scripts (like Firesheep) which can snoop username and passwords transmitted through an open Wi-Fi connection. Hence, it is strongly advised not to download apps, access banking websites, use Facebook or Email over a public Wi-Fi connection.
6. Install security apps, virus scanners and control spyware: Finally, you should install an efficient antivirus application on your Android and regularly scan your phone’s SD card for unnecessary files, executables, junk folders and temporary data. There are both free as well as paid malware scanners available in the Android market, but my favorite is Lookout mobile security , which routinely monitors every activity on my Android phone and alerts me whenever an application downloads malware or tries to install spyware into the system