Google will block Android users from installing ‘unsafe’ apps in a fraudulent security check

3 minutes, 6 seconds Read


Carlina Teteris/Getty Images

Android users in Singapore will no longer be able to download apps deemed unsafe, as Google looks to roll out fraud protection in collaboration with the local government.

The move, aimed at tackling a growing scam problem in the country, is the first test of this feature.

Also: Singapore hit by rising cybercrime, watches $501M in losses from scams

Available within Google Play Protect, the new security feature will block the installation of side-loaded apps tagged as potentially vulnerable. Such apps are usually downloaded from online sources such as messaging apps or file managers.

The security system will protect mobile users against malware-enabled scams, Google Singapore said, adding that it worked with Singapore’s Cyber ​​Security Agency to develop the feature as part of the government’s anti-scam efforts.

“Cybercriminals often use social engineering techniques to trick mobile users into disabling security protections and ignore proactive warnings for potential malware, scams and phishing,” Google said. This allows users to download side-loaded apps and expose confidential personal data or transfer funds to scammers.

Citing a survey conducted this month, Google said that one in two people in Singapore have fallen victim to online scams despite expressing confidence that they can avoid fraud.

It noted that Google Play Protect’s real-time scanning has since identified more than 515,000 potentially vulnerable apps. Launched last OctoberOver 3.1 million are issuing warnings or blocking such apps.

With additional security features, Android users in Singapore will be automatically blocked from installing apps from a side-loading source that uses sensitive runtime permissions, which Google says are often exploited for financial fraud.

Also: Apple OKs sideloading apps in EU – with these restrictions

The security feature will inspect app permissions in real-time, specifically looking at four runtime permissions that include reading and receiving SMS messages as well as accessibility services and notification listening services.

Users will be notified why their app has been blocked from being installed, Google said.

“Sensitive permissions are often abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on-screen content,” the tech giant said. In an analysis of key fraudulent malware families that exploit such sensitive runtime permissions, Google said more than 95% of installations came from online side-loading sources.

The security feature will be rolled out gradually to Android users in Singapore over the next few weeks.

Also: Newly discovered Android malware infects thousands of devices

Eugene Liederman, Google’s director of Android security strategy, said his team will monitor the results of the pilot to assess its impact and fine-tune the security tool if necessary.

Singapore has implemented various anti-scam measures over the past year to curb a growing number of fraud cases, which have claimed 103 victims. Lose over SG$161,000 ($121,583) in December only.

The country saw a 25.2% increase in scams and cybercrime in 2022, with scams accounting for the majority. Phishing, e-commerce, and investment scams were among the top five most common tactics used against victims, making up 82.5% of the top 10 types of scams.

As part of the safeguards, banks in Singapore now provide a “kill switch” that enables customers to suspend their accounts in the event of a suspected breach, and SMS messages sent from companies not registered with the local ID registry are tagged as “potential-scam”.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *