In a new attempt to tackle the rising threat of malware scams, Android users in Singapore will soon face restrictions when installing unverified apps. It is part of an anti-scam trial by Google to prevent the spread of malicious software that scammers often exploit.
The security tool deployed by Google will operate in the background, actively identifying apps that request suspicious permissions, like accessing sensitive information such as screen content or SMS messages, which scammers frequently abuse to intercept one-time passwords.
Singapore is the first country to gradually implement this security feature, with the collaboration of the Cyber Security Agency of Singapore. According to Google’s statement on February 7th, the rollout will commence over the next few weeks.
The update will be progressively deployed to all Android users’ devices and will be enabled by default through Google Play Protect, said Google’s director of Android security strategy Eugene Liderman.
Users who are blocked from downloading a suspicious app will be notified with an explanation of the reason behind the blockage. Mr Liderman said users can only deactivate this pilot feature if they disable Google Play Protect entirely.
“We’ve designed the pilot this way, as fraudsters frequently use social engineering to convince users to deactivate mobile app protection warnings when scamming or stealing data from a victim.”
The update will be automatically activated on all Android devices equipped with Google Play services, commencing with a select group of users to evaluate its effectiveness. Sideloaded apps, ranging from overseas business apps to free versions of paid apps, pose a significant risk. These apps can become a gateway for fraudsters to infiltrate devices and compromise users’ financial accounts.
In malware scams, victims are typically lured into downloading Android package kit files through websites or messaging apps under the guise of receiving gifts or deals. This method has been exploited in major malware scam campaigns to hijack victims’ devices and steal their money. According to police reports, over 1,400 individuals fell victim to malware scams between January and August, resulting in losses exceeding $20.6 million.
