Most Android malware lives in the margins, away from Google Play and the more reliable app shops. It’s nonetheless a good idea to be on the lookout for rogue code, and McAfee has stepped in with thorough explanations of how one of the most common scamware strains, Android.FakeInstaller, works its sinister ways. The bait is typically a search-optimized fake app market or website; the apps themselves not only present a legitimate-looking front but include dynamic code to stymie any reverse engineering. Woe be to anyone who’s tricked long enough to finish the installation, as the malware often sends text messages to expensive premium phone numbers or links target devices to botnets. The safeguard? McAfee would like you to sign up for its antivirus suite, but you can also keep a good head on your shoulders — stick to trustworthy shops and look for dodgy behavior before anything reaches your device.