This week I removed adware from Android, which is installed according to the following scheme: a person sees a fake advertising notification about an infection, then even trying to close it opens Google Play or another store with some kind of antivirus with a generic name like xcleaner, to make it harder to find it among others, and installs it. Then this application starts working in the background and every 2-3 minutes creates full-screen advertising banners with vibration, also about infections with links to other garbage. It does not exist in the list of applications and in the activity list as soon as the banner is closed. While it is there, instead of its name it shows a webview, and you need to guess to go from the list of processes to the application in order to see its real name and delete it.
A year ago, I also saw a fake advertisement for a squid game. These fake advertisements have already become a meme, but they also offer to download from Google Play a slightly similar game, where after quickly clicking on the screen, the smartphone will suddenly prompt you to buy an expensive subscription and then you will not be able to cancel it, because Google does not provide for them refund. This idea comes from SMS scams since j2me platform, and judging by the comments on this game, people are still losing money, especially if they leave their phones to children.
I don't use ios and won't say whether manual moderation there helps prevent the same crap, but let's not ignore that if you're not tech-savvy, this Android security alternative is pretty easy to get around.
literally the same "scam ad - scam app" pipeline exists on ios. ads exist, bad scammy ads exist, garbage apps exist, stuff slips through app moderation filters, or just stays around and gets by because it's juuust enough for it to not be outright malware. bad ads and apps are unfortunately not a platform specific problem, nor are they really "solved" by either of platforms.
funnily enough, some bits of it might be worse because ios and app store are promoted as 'being secure' period, almost unequivocally - so it ends up being a thing like 'well, ios is secure and this app is on the store, so it's all good, right?", which doesn't always happen to be the case.
I still think there ought to be some solution that includes both "apps can't force/trick you into changing defaults" and "owner of device can still choose to change defaults".
A year ago, I also saw a fake advertisement for a squid game. These fake advertisements have already become a meme, but they also offer to download from Google Play a slightly similar game, where after quickly clicking on the screen, the smartphone will suddenly prompt you to buy an expensive subscription and then you will not be able to cancel it, because Google does not provide for them refund. This idea comes from SMS scams since j2me platform, and judging by the comments on this game, people are still losing money, especially if they leave their phones to children.
I don't use ios and won't say whether manual moderation there helps prevent the same crap, but let's not ignore that if you're not tech-savvy, this Android security alternative is pretty easy to get around.