Note: This article was first published on 20 January 2025.
Photo: CSA.
The Cyber Security Agency of Singapore (CSA) has released a list of six recommended security apps it recommends Singaporeans download to better safeguard their mobile devices against the rising number of phishing and malware attacks. This new list is two apps shorter than the first list the CSA released in September 2023.
The four android and two iOS app recommendations were tested by industry third-party test bodies such as AV Test and AV Comparatives and evaluated based on their performance in four categories:
- Malware detection: involves installing the security app in devices and testing its ability to detect malware. This evaluates how well the app identifies disguised threats before they can compromise the device, which is crucial as a first layer of protection against malware.
- Phishing detection: involves accessing selected phishing links across different environments, such as via in-app browsers, dedicated browsers such as Chrome for Android users and Safari for iOS users or through a URL checker provided by the app. The user should be alerted by the app when they attempt to access spoofed websites that can lead to identity theft or financial loss.
- Network detection: focuses on the security app’s ability to detect and alert users to common network-based attacks, such as Secure Sockets Layer (SSL) stripping and SSL decryption which are attempts to access or steal encrypted data. This capability is important to protect users from data interception attacks targeting users’ financial details and login credentials.
- Device integrity checks: assesses whether the security app can detect device settings that could potentially offer access to the device’s operating system via unauthorised rooting and jailbreaking modifications which could provide cybercriminals with privileged access to the device’s operating system. It also includes the ability to detect the absence of authentication measures on the device such as biometrics also formed part of the assessment. These ensure that users are alerted to vulnerabilities in their device settings and help to secure the user’s mobile device environment.
The six apps are:
- Android
Avast Antivirus and Security
AVG Antivirus and Security
Norton360 Antivirus and Security
Sophos Intercept X for Mobile - iOS
F-Secure Mobile Security
ZoneAlarm Mobile Security
For the apps to gain a CSA recommendation, they are required to score 50 percent and above in detecting malware and phishing attacks. The apps also need a pass in either network detection or the device integrity checks.
The apps are available for download in both the Google Play Store or Apple App Store for their respective operating systems. However, to access the full functionality and protection, a subscription may be required.
The CSA does still caution Singaporeans that despite the additional protection offered by security apps, “it is key for users to note that no security app can guarantee absolute cybersecurity. Users are encouraged to be vigilant, exercise good cyber hygiene practices and keep themselves updated on the latest anti-scam advice”.
This is especially relevant in Singapore with the number of cyberattacks targeting us, with the Straits Times writing that at least 82 cases of malware scams were reported to the police since December and resulted in S$625,000 in losses.
Read more: How to Secure your Smartphone
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.