In response to a number of recent phishing attacks, Google is beefing up its defences by unveiling a new ‘unverified app’ screen that instructs users and developers to tread carefully. This will replace the current ’error’ page that warns against opening dodgy apps and attachments.
While users are still at liberty to ignore all official warnings and plunge headlong into whatever apps they like, the new system will help to drum home the perils of doing so. At present this initiative will only work with newly created apps, but Google has indicated that it will gradually expand it to cover all of its web apps and Apps Scripts.
As a matter of good housekeeping it is important for users to check which web services have access to their personal data and remove any that are no longer in use. Google has already responded to recent threats by introducing new app name vetting, security key enforcement and Open Authorization (OAuth) whitelisting initiatives.
For a reminder on how to check app permissions – and amend them as required – visit any number of sites on this topic, such as https://www.howtogeek.com/230683/how-to-manage-app-permissions-on-android-6.0/