News

SINGAPORE – Android users in Singapore continue to fall for malware scams and since February nearly installed some 900,000 high-risk mobile apps that could have left their devices vulnerable to being hacked, according to the latest figures Google released on Aug 15. Such apps were nearly installed on more than 200,000 Android devices here and had to be blocked by Google’s enhanced fraud protection security measure, the company announced at its Safer With Google online safety conference. Released the enhanced Google Play Protect feature works in the background to block the installation of unofficial apps that require suspicious permissions, like screen mirroring. The high number of installation attempts comes even as reported malware attacks fell from 1,899 malware scam incidents reported throughout 2023, to 95 cases in the first half of 2024 – a sign that security measures rolled out by platforms, banks and the authorities in the past year are taking effect. Minister of State for Digital Development and Information Rahayu Mahzam announced these figures at the annual Safer With Google event at the firm’s office in Labrador Park and urged companies to collaborate with the authorities on tech solutions to combat scams. Developed by Google and Singapore’s Cyber Security Agency (CSA), the enhanced feature for Google Play Protect was rolled out to all Android users here to block suspicious apps that require risky permissions or that have been downloaded from unofficial platforms. Sideloading, a core feature of Google’s Android platform, is often used by those dealing with overseas businesses that do not use the Google ecosystem, or for device customisation tools. But users have also been tricked into installing apps that allow fraudsters to spy on their devices and enter their bank accounts. Google’s enhanced anti-malware feature was also rolled out in other countries since its exclusive launch in Singapore amid a surge of malware scams that totalled 1,899 cases reported to the police . Measures by tech players and the authorities have also contributed to the continual drop in malware scams to 35 cases in the second quarter of 2024, from 60 cases in the first quarter of 2024, according to Ms Rahayu. Other organisations, including local banks, joined the effort to crack down on malware during the same period. UOB, OCBC and DBS Bank programmed their mobile apps to lock up if suspicious apps are detected on the same device that require risky permissions, like screen mirroring. Samsung, too, began to once the feature is manually enabled in the settings menu. Singapore users can switch on the tool by searching for “Auto Blocker” in the setting’s search bar. Google’s Vice-President of Android Partnerships in the Asia-Pacific region Karen Teo said in a keynote speech at the conference that while sideloading has been a core feature of the Android platform, “it has unfortunately been exploited by malicious actors”. To continue beefing up anti-scam measures, government apps like Singpass, ScamShield and CPF Mobile will display a “Government” icon on the Google Play Store to prevent users from installing clone apps designed to steal their personal information. Ms Teo said the labels aim to give users “peace of mind” when they install apps amid concerns of fraudsters mimicking the likeness of official apps to steal funds or sensitive information.  Google did not state how many government apps have displayed the label, but said it is working with more government agencies to place badges on even more apps in the Play Store.