Android users in Singapore to be blocked from installing certain unverified apps as part of anti-scam trial
This audio is generated by an AI tool.
SINGAPORE — Some Android users in Singapore will automatically be blocked from installing apps from unverified sources, with a new security feature that Google plans to progressively roll out in the coming weeks.
It is part of a trial to better protect users against malware scams and was developed in partnership with the Cyber Security Agency of Singapore (CSA).
"Singapore will be the first country to begin a phased pilot of this feature on Android devices in the next few weeks," Google said in a media release, adding that this builds on the existing Google Play Protect malware protection system.
When users try to install an application from unverified app stores, also known as sideloaded apps, Google's latest security feature will automatically block it if it uses sensitive runtime permissions frequently abused for financial fraud.
Runtime permissions give an app additional access to restricted data like SMSes and phone notifications.
Users will be served an explanation if attempts to download a suspicious app are blocked.
In a previous update of Google Play Protect, users were recommended to conduct a real-time app scan to better detect whether an Android app may be infected with malware. When the scan was completed, users were notified about whether it could be safely installed.
Mr Eugene Liderman, director of Android security strategy at Google, told CNA the real-time scanning enhancement to Google Play Protect was fully rolled out in Singapore in November 2023.
Since the launch of real-time scanning last October, Google said it has helped identify over 515,000 potentially harmful apps, and blocked or warned users almost 3.1 million times when they attempted to install such apps.
Scam victims are often directed to download an Android package kit (APK) file through sources such as websites, messaging apps or file managers.
"Members of the public are advised not to download any suspicious APK files on their devices as they may contain malware which will allow scammers to access and take control of the device remotely as well as to steal passwords stored in the device," the police said in an advisory last July.
Sideloaded apps typically ask for permission to read and receive SMSes and notifications, and grant accessibility to devices.
These permissions enable scammers to intercept one-time passwords via SMS or from notifications and spy on screen content, said Google.
The tech giant's newest security feature is designed to look out for such permissions, which are "frequently abused by fraudsters", and block the app's installation.
"Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.
ONGOING FIGHT AGAINST MALWARE SCAMS
Over 750 cases of Android malware-related scams were reported in the first half of 2023, with victims losing more than S$10 million, the police said last September.
Since the launch of real-time scanning last October, Google said it has helped identify over 515,000 potentially harmful apps, and blocked or warned users almost 3.1 million times when they attempted to install such apps.
Scam victims are often directed to download an Android package kit (APK) file through sources such as websites, messaging apps or file managers.
"Members of the public are advised not to download any suspicious APK files on their devices as they may contain malware which will allow scammers to access and take control of the device remotely as well as to steal passwords stored in the device," the police said in an advisory last July.
Sideloaded apps typically ask for permission to read and receive SMSes and notifications, and grant accessibility to devices.
These permissions enable scammers to intercept one-time passwords via SMS or from notifications and spy on screen content, said Google.
The tech giant's newest security feature is designed to look out for such permissions, which are "frequently abused by fraudsters", and block the app's installation.
"Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.
ONGOING FIGHT AGAINST MALWARE SCAMS
Over 750 cases of Android malware-related scams were reported in the first half of 2023, with victims losing more than S$10 million, the police said last September.
Comments
Post a Comment