Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Fraud & Identity Theft

Google Announces Enhanced Fraud Protection for Android

Google Play Protect will block the installation of sideloaded applications requesting permissions frequently abused by fraudsters.

Google this week announced a pilot feature designed to improve Android’s protections against financial fraud attacks.

Part of Google Play Protect, the enhanced fraud protection will block the installation of sideloaded applications that request sensitive runtime permissions that are frequently abused by fraudsters.

The feature will analyze attempts to install applications from internet-sideloading sources, such as browsers, file managers, or messaging applications, inspecting the permissions the app declared in real-time, specifically looking for four requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility.

“These permissions are frequently abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on screen content,” Google notes.

According to the internet giant, more than 95% of the fraud malware families typically requesting these permissions are installed from sideloading sources.

The enhanced fraud protection in Google Play Protect will pilot in Singapore on Android devices with Google Play Services, in partnership with the Cyber Security Agency of Singapore (CSA), after being tested by the Singapore government.

“During the upcoming pilot, when a user in Singapore attempts to install an application from an Internet-sideloading source and any of these four permissions are declared, Play Protect will automatically block the installation with an explanation to the user,” Google explains.

The internet giant says it will work with CSA on monitoring the results of the pilot to assess impact and make adjustments, and that it will also assist the agency with detection and analysis, through sharing malware insights and techniques.

Advertisement. Scroll to continue reading.

Developers are advised to review the permissions their applications request, to ensure that they only ask for the permissions they need and that they do not violate the Mobile Unwanted Software principles.

“Always ensure that your app does not engage in behavior that could be considered potentially harmful or malware,” the internet giant points out.

Google cites the Global Anti-Scam Alliance’s 2023 state of scams report, which claims financial fraud losses surpassed $1 trillion, with 78% of mobile phone users experiencing at least one scam over the past year and 45% noting an increase in scams.

The enhanced fraud protection pilot program comes roughly four months after Google Play Protect got real-time code scanning for applications never installed before, to alert users of previously unseen potentially harmful software.

“As a result of the real-time scanning enhancement, Play Protect has identified 515,000 new malicious apps and issued more than 3.1 million warnings or blocks of those apps,” Google says.

Related: Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities

Related: Chameleon Android Malware Can Bypass Biometric Security

Related: Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Fraud & Identity Theft

Famed hacker Kevin Mitnick has died after a battle with pancreatic cancer.  At the time of his death, he was Chief Hacking Officer at...

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...