The Cyber Security Agency of Singapore (CSA) has updated its list of recommended security apps that the public can use to protect their devices from malware attacks and phishing attempts. This refreshed list features six apps available on either Android or iOS devices:
For Android: Avast Antivirus & Security, AVG Antivirus & Security, Norton360 Antivirus & Security, and Sophos Intercept X for Mobile.
For iOS: F-Secure Mobile Security and ZoneAlarm Mobile Security.
While some apps offer free features, a subscription may be required to unlock their full functionality, CSA stated on Monday (Jan 20).
Comprehensive Testing and Evaluation
This latest list builds on CSA’s initial release in September 2023. The agency has since reviewed and tested 18 unique apps across Android and iOS platforms, referencing tests conducted by third-party organizations like AV Test and AV Comparatives. The apps were evaluated based on four key categories:
1. Malware Detection
The ability to identify malware samples, including original, rehashed, and obfuscated variants, was tested. This feature is crucial as it serves as the first line of defense against threats like spyware and droppers—programs designed to deliver other malware types onto devices.
Note: Due to iOS’s security architecture, security apps cannot scan other apps for malware. Therefore, this functionality was not tested on iOS devices.
2. Phishing Detection
Apps were assessed on their capability to block deceptive websites and suspicious URLs. Tests included accessing phishing links through in-app browsers, dedicated browsers like Chrome and Safari, and URL checkers. These features alert users when attempting to access spoofed websites that could lead to identity theft or financial loss.
3. Network Detection
This category focused on an app’s ability to detect network-based attacks, such as Secure Sockets Layer (SSL) stripping and SSL decryption. Simulated attacks tested the apps’ responsiveness in alerting users to data interception attempts targeting sensitive details like financial information and login credentials.
4. Device Integrity Checks
This evaluation examined whether apps could detect device vulnerabilities, such as unauthorized rooting or jailbreaking, which could grant cybercriminals privileged access to a device’s operating system. Apps were also assessed on their ability to detect the absence of essential authentication measures like biometrics.
Evaluation Criteria and Results
To be deemed effective, apps needed to achieve a minimum score of 50% in malware and phishing detection. For the newly added categories of network detection and device integrity checks, a pass in either category was required. This balanced approach ensures both traditional and advanced security capabilities are evaluated.
The Importance of Security Apps
“Cybercriminals are constantly devising new tactics to trick us, and this is why installing security apps continues to be important,” said Mr. Chua Kuan Seah, CSA’s deputy chief executive. He emphasized the agency’s expanded testing criteria to ensure apps can keep up with the rapid evolution of cyber threats.
The listed apps are available for download on the Google Play Store and Apple App Store. This updated reference aims to help users choose security apps based on their individual needs and budgets.
Rising Scam Cases Highlight the Need for Vigilance
Singapore has witnessed a sharp rise in scam cases, with 26,587 incidents reported in the first half of 2024—a 16.3% increase from the same period last year. Financial losses amounted to at least S$385.6 million (US$295 million), a 24.6% surge. Social media platforms like Facebook, WhatsApp, and Instagram remain the primary tools used by scammers to contact potential victims.
By leveraging security apps and staying vigilant, users can better protect themselves from cybercriminals and the growing wave of online scams.
Source: https://www.channelnewsasia.com
