An elderly relative, a gullible friend, or someone who simply isn’t well-versed in technology—these are the individuals who often find themselves vulnerable to the complexities of the digital world. As technology evolves, so do the tactics of malicious actors, making it increasingly challenging for less tech-savvy users to navigate safely. Google’s Play Protect service is designed to shield users from harmful applications, yet recent experiences suggest that it may not be fulfilling its intended purpose effectively.
Apps requesting excessive permissions target unwitting users
With Google recently unveiling a new sideloading process, the spotlight is on the Play Store and its ability to combat scams. Reports abound of users being lured into downloading dubious apps through deceptive advertisements masquerading as system notifications. These ads often lead users to the Play Store under the pretense of providing essential updates or features, but in reality, they are merely conduits for ad revenue.
For instance, a colleague shared a story about his father who, after clicking on an ad for a critical update, inadvertently installed a series of PDF apps that bombarded him with incessant ads. Similarly, during a visit to my boyfriend’s grandmother, she expressed frustration over the barrage of ads on her phone, claiming that her user interface had inexplicably changed overnight. In an attempt to assist, I suggested running a malware scan, which revealed one app notorious for excessive ads. However, even after its removal, her interface remained altered.
Upon further investigation, it became evident that the issue was not merely a rogue app delivering pop-ups. Instead, she had unknowingly installed a different launcher that replaced her app drawer, widgets, and even her Google Discover feed, inundating her with ads at every turn. This app had also likely exploited her search data to serve more targeted advertisements. Despite her confusion over how this transformation occurred, it was clear that the app had secured numerous permissions, compromising both her data and overall experience.
Despite this, Google Play Protect didn’t identify the culprit
In an effort to rectify the situation, I turned to Google Play Protect, assuming it would be the most reliable tool for identifying problematic applications. Surprisingly, the service failed to flag any issues. While Play Protect is designed to scan for malware and adware, it did not recognize the app in question, which was generating ads that interfered with device functionality. The typical warning regarding unexpected ad behavior was conspicuously absent.
Eventually, I identified the troublesome app by noticing persistent prompts to change the default messaging application. However, attempts to locate it in the app drawer proved futile. Even long-pressing the app icon on the home screen yielded no option to uninstall. This highlighted a significant shortcoming of Play Protect: it not only failed to detect the app as adware before its installation but also overlooked its problematic nature afterward.
How I managed to fix the phone
Recognizing that the offending software was masquerading as a messaging app, I sought to uninstall it through the Google Play Store. To uncover which app was acting as the phone’s launcher, I navigated through a series of settings that are not immediately intuitive. The path to identifying the default home app is somewhat buried within the device’s settings, making it challenging for the average user to find.
After accessing the Google Play Store, I utilized the account menu to manage installed applications. By filtering to show apps on the device, I scrolled through the list and, with some guidance from my boyfriend, pinpointed the app disguised as “Messages.” This app, developed by a different company, had a generic title and icon that closely resembled the legitimate Samsung Messages app.
Upon uninstalling the app, the user interface reverted to Samsung’s default One UI, restoring control to my boyfriend’s grandmother. The mystery of how she had been convinced to download the app remained unsolved, but a quick search of the Play Store revealed a plethora of messaging apps with dubious claims. Some promised battery savings, while others suggested they could enable SMS functionality without an internet connection—an unnecessary feature for standard text messaging.
Ultimately, I discovered that the app in question had updated its title to include the word “launcher,” yet its description remained vague enough to mislead non-tech-savvy users. The app’s design cleverly encouraged users to grant excessive permissions, making it easy for those unfamiliar with the concept of a launcher to inadvertently activate it. This pattern is not uncommon; many adware applications disguise themselves as utilities, despite being unnecessary on modern Android devices.
While it is unrealistic to expect the Google Play Store and Play Protect to foresee every potential exploit, the prevalence of apps that gain excessive permissions under the guise of simple functionality raises significant concerns. The friction associated with sideloading apps is palpable, with users warned against installing unknown software. Yet, the process of granting excessive permissions through the Play Store remains alarmingly seamless.
Many Android users lack advanced technical knowledge, and even those who are relatively informed can find themselves in precarious situations. It should not require the intervention of a tech journalist to identify and flag suspicious applications. The reality is that most users install apps without fully understanding their functionalities, and even seasoned individuals can make mistakes. The Play Store must enhance its safeguards to protect those who are not perpetually vigilant.
