Google aims to block shady financial fraud apps in new pilot program

Android malware code
(Image credit: Jay Bonggolto / Android Central)

What you need to know

  • Google is launching a pilot program in Singapore to address financial fraud issues affecting Android users.
  • The new pilot specifically targets sneaky Android apps that request permissions commonly exploited in phishing attacks.
  • The security feature, aimed at preventing unsafe app installations, will be introduced gradually to Android users in the country in the coming weeks.

Google is trying out a fresh approach to combating financial fraud by preventing the sideloading of apps that exploit commonly misused permissions.

Google understands how people can easily fall for phishing scams, even if they're savvy about online fraud. Now, the company is kicking off a pilot program in Singapore to tackle the financial fraud issues affecting Android users.

The security feature will be gradually introduced to Android users in Singapore in the coming weeks. If the pilot goes well, we can expect a wider rollout later on.

More specifically, the new pilot aims to keep you safe from sneaky Android apps that ask for permissions, often exploited in phishing attacks. It will serve as a real-time check on four key permissions, such as reading and receiving SMS messages, accessibility service, and notification listening service. Why these? Well, fraudsters love to misuse them to snag your one-time passwords—whether by peeking at your SMS or snooping on-screen notifications.

Google has joined forces with Singapore's Cyber Security Agency for the pilot, so Android users in the country won't be able to download Internet-sideloaded apps, the kind you might grab from places like web browsers, messaging apps, or file managers. This security upgrade is part of Google Play Protect.

Google notes that cybercriminals love pulling a fast one on mobile users with social engineering tricks. They lure people into turning off their security and brushing off warnings, making them download side-loaded apps, disclose personal information, and send money straight into scammers' pockets.

Google pointed out that since its launch last October, Google Play Protect's real-time scanning has caught over 515,000 shady apps, giving out 3.1 million warnings or blocks.

Eugene Liderman, Google's director of Android security strategy, said Google will be keeping a close eye on how the pilot pans out. If tweaks are needed to amp up the security tool, Google is ready to roll with it.

Jay Bonggolto
News Writer & Reviewer

Jay Bonggolto always keeps a nose for news. He has been writing about consumer tech and apps for as long as he can remember, and he has used a variety of Android phones since falling in love with Jelly Bean. Send him a direct message via Twitter or LinkedIn.