Google has started a new program, ‘enhanced fraud protection’ with Google Play Protect to help better shield Android users from financial fraud attacks.
The company will launch the pilot in Singapore in partnership with the Cyber Security Agency of Singapore (CSA) in the coming weeks.
“As part of a continued strategic partnership with the Cyber Security Agency of Singapore (CSA), we will launch this first pilot in Singapore in the coming weeks to help keep Android users safe from mobile financial fraud,” Google said in a blog post.
According to the company, this enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers).
“This enhancement will inspect the permissions the app declared in real-time and specifically look for four runtime permission requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility,” the company said.
These permissions are frequently abused by scammers to intercept one-time passwords via SMS or notifications, as well as spy on-screen content.
Google’s analysis of major fraud malware families that exploit these sensitive runtime permissions found that over 95 percent of installations came from Internet-sideloading sources.
“Through such partnerships with technology players like Google, we are constantly improving our anti-scam defenses to protect Singaporeans online and safeguard their digital assets,” said Chua Kuan Seah, Deputy Chief Executive of CSA.
According to the 2023 Global State of Scams Report by the Global Anti-Scam Alliance, 78 percent of mobile users surveyed faced at least one scam in 2023.
Of those surveyed, 45 percent said they’ve experienced more scams in the last 12 months.
