The cybersecurity firm Sophos has recently spotted 167 fake iOS and Android apps, looking to harvest user data with malicious intent.
The Sophos team, a British based software and security firm, was contracted by an individual who had fallen prey to the respective scams. The originating story of the following investigation revolves around a dating app. The contractor was asked by a online match (presumably a bot) to download a cryptocurrency app to trade with. The real trickery behind this message was that the link forwarded by the bot led to GoldenWay, a legitimate Hong Kong based currency trading conglomerate. The user acquiesced, and soon after purchasing cryptocurrency to trade with, their account on the application was blocked.
It seems that Sophos went much more up and beyond the call of duty than they were hired to. Not only was the Hong Kong fake application identified, the team discovered an approximate 167 different applications in the online banking, trading, cryptocurrency and finance categories. To further pour salt upon an already gaping wound, the applications were available across both iOS and Android platforms, i.e. Google Play Store and Apple App Store. It seems that even the major online platforms can put users at risk. However, how much is the general userbase really at risk?
It honestly depends on person to person. Bots and hackers are, alarmingly, getting smarter by the day, as they're accompanied by messages that sound genuinely authentic. All it takes is a little lack of current online culture to fall victim to such scams. Then again, when it comes to running across these applications on the app stores themselves, chances seem slim. The App Store and Play Store are respectively building on their app policies in order to make their online spaces safer for userbases to explore. Google Play especially has recently announced a large slew of app regulations that developers have to follow. Any violation of these can result in the application being taken down, and the developer being permanently banned even. Therefore, even if fake applications are successfully mimicking legitimate applications and companies, they can fall short on a slightly more thorough check. All it takes is a quick rifling through to realize which one is the fake.
Ultimately, all it takes is a little bit of online awareness to avoid such situations. Honestly, maybe its best to not rely on online transactions if you don't know the opposite person very well, as a rule of thumb.
Read next: Security Threats linked with recycled phone numbers in the United States
The Sophos team, a British based software and security firm, was contracted by an individual who had fallen prey to the respective scams. The originating story of the following investigation revolves around a dating app. The contractor was asked by a online match (presumably a bot) to download a cryptocurrency app to trade with. The real trickery behind this message was that the link forwarded by the bot led to GoldenWay, a legitimate Hong Kong based currency trading conglomerate. The user acquiesced, and soon after purchasing cryptocurrency to trade with, their account on the application was blocked.
It seems that Sophos went much more up and beyond the call of duty than they were hired to. Not only was the Hong Kong fake application identified, the team discovered an approximate 167 different applications in the online banking, trading, cryptocurrency and finance categories. To further pour salt upon an already gaping wound, the applications were available across both iOS and Android platforms, i.e. Google Play Store and Apple App Store. It seems that even the major online platforms can put users at risk. However, how much is the general userbase really at risk?
It honestly depends on person to person. Bots and hackers are, alarmingly, getting smarter by the day, as they're accompanied by messages that sound genuinely authentic. All it takes is a little lack of current online culture to fall victim to such scams. Then again, when it comes to running across these applications on the app stores themselves, chances seem slim. The App Store and Play Store are respectively building on their app policies in order to make their online spaces safer for userbases to explore. Google Play especially has recently announced a large slew of app regulations that developers have to follow. Any violation of these can result in the application being taken down, and the developer being permanently banned even. Therefore, even if fake applications are successfully mimicking legitimate applications and companies, they can fall short on a slightly more thorough check. All it takes is a quick rifling through to realize which one is the fake.
Ultimately, all it takes is a little bit of online awareness to avoid such situations. Honestly, maybe its best to not rely on online transactions if you don't know the opposite person very well, as a rule of thumb.
Read next: Security Threats linked with recycled phone numbers in the United States
