One way to minimize your risk is to only download MP3 files that you've converted yourself, or that you get from a reputable store like iTunes, Google Play or Amazon. Grabbing music from sketchy sites or file-sharing services is not a good idea at any time, but it's especially bad now.
Similarly, you also should avoid downloading MP4 video files online. That actually isn't a problem for most people because you're more likely to stream video from reputable sites like YouTube or Netflix. Unfortunately, hackers still have some tricks up their sleeve that you need to know about.
For example, tapping a link in a phishing text or email could send you to malicious website with an embedded MP3 or MP4 file. From there, it could pop up a notice asking if you want to play it with your default media player. If you don't stop to think you might do it.
The usual rules for phishing attacks apply here. Don't tap on links or download attachments from suspicious or unsolicited email and texts. And definitely don't let any audio or video run that you didn't ask to run.
Another route hackers could take is to trick you into installing a malicious app that accesses the Stagefright code libraries. This gives them the same access they'd get with a malicious media file.
As always, don't install apps that aren't from Google Play or the Amazon App Store. Even in reputable stores, be on the lookout for apps that are brand new and that ask for media access permissions. Want to know more about approving permissions and how apps use them to put your privacy at risk? Click here for the full scoop.
Stagefright isn't the only danger to your smartphone or tablet. Learn seven essential steps you need to take to secure your smartphone or tablet now against the most likely threats you'll encounter.