GOOGLE is rolling out a new security update from Thursday (Oct 19) to alert Android phone users to malicious apps, to help prevent them from falling prey to malware scams.

When a user tries to install an app that has never been scanned before, the new feature in the Google Play Protect security program will scan the code of the app in real time to detect previously undetected threats.

Users will receive a message informing them whether an app is safe to install or is potentially harmful, Google announced in a blog post on Thursday.

Launched in 2017, Google Play Protect scans 125 billion apps daily to protect Android users from malware and fraud. Before the upgrade, it scanned for and detected only known threats.

The update will also better protect users against malicious polymorphic apps that use artificial intelligence to dynamically change their features to avoid detection by security systems.

Android phone users in Singapore can look forward to benefiting from this feature in the coming months.

A NEWSLETTER FOR YOU

Friday, 8.30 am

Asean Business

Business insights centering on South-east Asia's fast-growing economies.

Sign Up

The update will roll out first to Android phone users in India, a hotbed of scam activity.

Cyber attacks in the first quarter of the year increased by 18 per cent weekly in the South Asian country, compared with the global rate of 7 per cent.

Real-time scanning will kick in for all devices running on operating system (OS) Android 6 or later once it is rolled out in a user’s country. Users do not need to update their Android OS to enjoy the new feature.

In Singapore, more than 1,400 victims fell prey to malware scams between January and August, with total losses amounting to at least S$20.6 million, the police said.

Many victims had responded to fake supermarket advertisements or durian tours, and were tricked into “sideloading” harmful Android package kits, or APKs.

These apps were downloaded via third-party website links posted online or sent via messaging apps instead of the official Google Play Store.

These apps contained malware that allowed scammers to remotely capture keystrokes and access the compromised devices.

After stealing passwords and banking credentials, scammers would perform unauthorised transactions on victims’ banking apps, either wiping out their savings or taking out loans in their names.

Android phone users will not be barred from sideloading, Google director of Android security strategy Eugene Liderman told reporters on Wednesday, at a media briefing about Android security.

Despite its inherent risk, sideloading is sometimes used to download legitimate apps, such as Singapore Pools’ mobile lottery app, which is not on the Google Play Store because Singapore is not on the firm’s list of countries that can facilitate online gambling.

Ad blocker apps are also not on the Google Play Store because they violate Google’s developer distribution agreement.

Liderman said Google is still trying to find the right balance between giving users choice and protecting them.

In particular, the tech giant is counting on the upgraded real-time scanning feature in Google Play Protect to make a big difference, he added.

During the same media briefing, Samsung’s head of enterprise business and product marketing Timothy Tan said that while tech companies have a responsibility to ensure that their software and hardware are secure, users also need to protect themselves against scammers.

Users must be careful about the personal information they release online, as scammers may use this information to pose as someone the victims trust.

Samsung, whose mobile phones run the Android operating system, uses its security platform Knox to protect users against cyberthreats by blocking access to users’ PINs, passwords and biometrics stored in its biometric authentication platform when unauthorised malware is detected.

Samsung is in discussion with the National Crime Prevention Council and the Singapore Police Force’s Scam Public Education Office on anti-scam initiatives and public education campaigns.

Google and Samsung say that instead of disabling sideloading, there is a greater need for public education.

Google’s Liderman conceded that users can get confused by warnings that pop up when they sideload legitimate apps. For instance, Singapore Pools’ app has been flagged as potentially dangerous.

Liderman said the new update will potentially reduce the number of false positive warnings by blocking malicious applications in real time if they are determined to be harmful.

Still, users should take all warnings seriously, he added. Users should also not assume that all apps downloaded from official app stores are safe, he said.

In 2022, Google Play Protect prevented 1.43 million policy-violating apps, including fraudulent ones or those that access sensitive information, from being published on Google Play. More than 170,000 developers were also banned from the app store.

Despite this, some malware may still pass through Google’s protective mechanisms, Liderman cautioned. “So this is why it’s important to just be vigilant.” THE STRAITS TIMES