15-8-2024 (SINGAPORE) In a startling revelation, Google has announced that since February, it has thwarted attempts to install nearly 900,000 high-risk mobile applications on Android devices in Singapore. This information, disclosed at the company’s Safer With Google online safety conference on 15 August, underscores the persistent threat of malware scams targeting smartphone users in the city-state.
The tech giant reported that these potentially harmful apps were blocked from installation on more than 200,000 Android devices, thanks to its enhanced Google Play Protect feature. This security measure, which operates in the background, is designed to prevent the installation of unofficial apps that request suspicious permissions, such as screen mirroring capabilities.
Interestingly, while the number of blocked installation attempts remains high, there has been a significant drop in reported malware attacks. Minister of State for Digital Development and Information, Rahayu Mahzam, revealed that malware scam incidents plummeted from 1,899 cases throughout 2023 to just 95 cases in the first half of 2024. This decline suggests that the collaborative efforts of platforms, banks, and authorities in implementing robust security measures are yielding positive results.
The enhanced Google Play Protect feature, developed in partnership with Singapore’s Cyber Security Agency (CSA), was initially launched exclusively in Singapore before being rolled out to other countries. This initiative came in response to a surge in malware scams that resulted in victims losing over S$34 million in 2023 alone.
While sideloading – the practice of installing apps from sources other than the official Google Play Store – remains a core feature of the Android platform, it has increasingly become a vector for cybercriminals. Users have been tricked into installing malicious apps that grant fraudsters access to their devices and, subsequently, their bank accounts.
In tandem with Google’s efforts, local banks have also stepped up their security measures. UOB, OCBC, and DBS Bank have implemented features that lock their mobile apps if suspicious applications with risky permissions are detected on the same device. Similarly, Samsung has introduced an option to block the installation of all apps from unauthorised sources, which users can activate manually in their device settings.
Karen Teo, Google’s Vice-President of Android Partnerships in the Asia-Pacific region, acknowledged the double-edged nature of sideloading, stating, “While sideloading has been a core feature of the Android platform, it has unfortunately been exploited by malicious actors.”
In a further effort to combat scams, Google has introduced a new labelling system for government apps. Official applications such as Singpass, ScamShield, and CPF Mobile will now display a “Government” icon on the Google Play Store. This measure aims to prevent users from inadvertently installing clone apps designed to steal personal information.
