In a previous update of Google Play Protect, users were recommended to conduct a real-time app scan to better detect whether an Android app may be infected with malware. When the scan was completed, users were notified about whether it could be safely installed.
Eugene Liderman, director of Android security strategy at Google, told CNA the real-time scanning enhancement to Google Play Protect was fully rolled out in Singapore in November 2023.
Since the launch of real-time scanning last October, Google said it has helped identify over 515,000 potentially harmful apps, and blocked or warned users almost 3.1 million times when they attempted to install such apps.
Scam victims are often directed to download an Android package kit (APK) file through sources such as websites, messaging apps or file managers.
“Members of the public are advised not to download any suspicious APK files on their devices as they may contain malware which will allow scammers to access and take control of the device remotely as well as to steal passwords stored in the device,” the police said in an advisory last July.
Sideloaded apps typically ask for permission to read and receive SMSes and notifications, and grant accessibility to devices.
These permissions enable scammers to intercept one-time passwords via SMS or from notifications and spy on screen content, said Google.
The tech giant’s newest security feature is designed to look out for such permissions, which are “frequently abused by fraudsters”, and block the app’s installation.
“Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources,” it added.