Check these settings to protect your Android device from malware scams

SINGAPORE – Android phone users’ freedom to download apps outside of official app stores – a defining feature of the operating system – is being curtailed amid pressure on tech companies to crack down on malware scams that have proliferated on the mobile platform.

Google, which developed Android, announced on Feb 7 that it would, by default,

block

attempts to install apps from unverified sources that require sensitive permissions,

starting from the week of Feb 21.

Sideloading, as it is called, is common practice for the installation of apps for tech enthusiasts or for overseas businesses that are not supported by Google’s ecosystem.

This open door to unverified apps, however, has been exploited by fraudsters to plant viruses. Malware scams on Android devices

left a trail of losses worth more than $34 million

in 2023 in Singapore, according to the police’s scam statistics. Many victims were duped into installing virus-laden apps.

In response, Google and phone manufacturers have had to tighten security measures on their devices in Singapore.

The blocking of installation of apps from unverified sources is part of a Singapore trial by Google and the Cyber Security Agency of Singapore (CSA) that will involve all Android users.

It is among a slew of security features available on the Android operating system – some of which are tucked away in the many sub-menus of the phones’ settings. Here is a guide on how you can ensure your Android phone is shielded from the malware menace.

Look out for the new software update 

The new Android security feature that blocks attempts to install suspicious sideloaded apps will be pushed automatically to all Android devices – there is no need to manually update a device, said Google’s director of Android security strategy Eugene Liderman, in reply to questions from The Straits Times.

The update will beef up Google Play Protect, an inbuilt program on Android devices that scans for harmful behaviour, issues warnings and blocks or automatically disables suspicious apps.

ST understands that users will not be notified when the new software is enabled on their devices, but when it is activated, they will find that any new attempts to install suspicious apps will be blocked and receive a notification explaining why.

The software will inspect the permissions of the app in real time, like those that read SMSes, spy on notifications and require accessibility controls that click buttons for the user, which can all be abused by fraudsters.

The blocker will not retrospectively remove existing sideloaded apps and will not disable them either.

Do not disable security features on your phone

Fraudsters are likely to trick users into disabling Google Play Protect, which can be done manually, even with the new security features.

Google declined to provide details on how to disable Play Protect, and discouraged users from doing so, as it would deactivate all Play Protect security features.

On making it difficult for a user to disable Google Play Protect, Mr Liderman said: “We’ve designed the pilot this way, as fraudsters frequently use social engineering to convince users to deactivate mobile app protection warnings when scamming or stealing data from a victim.”

Before the update, potential victims could be misled to disable Play Protect through the settings menu in the Google Play Store, which has toggles to scan apps and notify Google about unknown apps for better detection.

Enable Auto Blocker for Samsung devices

Samsung phones that run on the One UI 6 software are equipped with Auto Blocker, a feature launched in late 2023 that prevents any installation of apps from unauthorised sources, checks for malware and blocks malicious data transfers via USB cable.

Auto Blocker needs to be enabled manually by a user in the settings menu. It acts as a second layer of protection once the updates for Google Play Protect are rolled out locally.

Mr Timothy Tan, Samsung Singapore’s head of enterprise and government business, said: “We highly encourage Galaxy users to switch on Auto Blocker as an additional line of defence against malicious activities.”

Users can switch on the tool in the Android settings menu under the Security and Privacy tab, or simply search “Auto Blocker” in the setting’s search bar.

Download antivirus apps

CSA released

a list of recommended antivirus apps

in October 2023 with features such as malware and phishing detection. Antivirus programs serve as an extra set of “eyes” to spot apps and links blacklisted as malicious programs.

Telcos like Singtel have also

bundled third-party antivirus tools

from the likes of McAfee into their mobile plans for customers, who need to enable the tools themselves.

Check for existing malware

In case malware has already been installed on a device, users can do a thorough sweep of their app library and delete unfamiliar apps, said cyber security firm McAfee in an advisory. Users should avoid saving login information on a browser, like Google Chrome, and log out after use, it added.

Users may also want to check what permissions are being granted to each app on the Security and Privacy page of the Android settings menu, or by searching “permission manager”.

The page indicates if an app is granted access to a camera, health data and photos, among other permissions. Users can review and turn off these permissions for apps, especially those that collect more information than necessary for usage of the app.