Beta-tested Android Feature Thwarts Malicious App Sideloading During Phone Calls

A new security feature may put an end to scammers tricking people into installing malicious apps on their Android devices during calls.

Scammers and malicious apps sideloading

Con artists use a wide range of tactics and techniques in their scam attempts, and persuading their targets to install malicious software on their devices can be one of the most destructive.

In a typical scenario, after pinpointing their targets, usually seniors or otherwise vulnerable people, scammers contact them under various pretenses.

For instance, they may masquerade as bank employees calling to notify the client about a problem with their accounts.

Bypassing built-in security features

After they lay the groundwork, scammers usually progress by persuading the target to hand over sensitive data or install specific software on their devices.

Modern devices, such as Android smartphones, have built-in guardrails that prevent regular users from installing apps from unknown sources.

To bypass these mechanisms, scammers attempt to trick users into disabling them, typically pretending to offer them step-by-step instructions on solving the fabricated issue they presented.

New Android feature could prevent sideloading apps during calls

In response to this alarming situation, Google designed a new feature that could curb the incidence of scam phone calls pushing malicious software on unsuspecting users.

The feature, currently beta-tested in Android 16’s second Beta iteration, prevents users from turning on settings that would allow sideloading apps during phone calls, prompting them with the following notification:

“Scammers often request this type of action during phone call conversations, so it's blocked to protect you. If you are being guided to take this action by someone you don't know, it might be a scam.”

Safeguarding your mobile device

Specialized software like Bitdefender Mobile Security for Android can help boost your Android device’s defenses against a wide range of threats.

Key features include app anomaly detection, comprehensive malware detection, on-demand and on-install scanning, anti-theft, account privacy notifications and built-in VPN.

Additionally, Scamio, our AI-powered scam detection service, can help you check any suspicious text, social media message, email, link, image, or QR code for scams. It also works for given scenarios; describe a situation, and Scamio will provide you with an assessment of its perceived legitimacy.

Scamio is free and available on Facebook Messenger, WhatsApp, Discord and your web browser. You can also help others stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia and the UK.