Google has started a new programme, ‘enhanced fraud protection’ with Google Play Protect to help better shield Android users from financial scam attacks.
The company will launch the pilot in Singapore in partnership with the Cyber Security Agency of Singapore (CSA) in the coming weeks.
“As part of a continued strategic partnership with the Cyber Security Agency of Singapore (CSA), we will launch this first pilot in Singapore in the coming weeks to help keep Android users safe from mobile financial fraud,” Google said in a blogpost.
According to the company, this enhanced fraud protection will analyse and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers).
“This enhancement will inspect the permissions the app declared in real-time and specifically look for four runtime permission requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility,” the company said.
These permissions are frequently abused by scammers to intercept one-time passwords via SMS or notifications, as well as spy on screen content.
Google’s analysis of major fraud malware families that exploit these sensitive runtime permissions found that over 95 per cent of installations came from Internet-sideloading sources.
“Through such partnerships with technology players like Google, we are constantly improving our anti-scam defences to protect Singaporeans online and safeguard their digital assets,” said Chua Kuan Seah, Deputy Chief Executive of CSA.
According to the 2023 Global State of Scams Report by the Global Anti-Scam Alliance, 78 per cent of mobile users surveyed faced at least one scam in 2023.
Of those surveyed, 45 per cent said they’ve experienced more scams in the last 12 months.