Fraudsters go mobile
Our smartphones send, receive and store tons of sensitive information about us. This includes the information-rich apps we have on our devices.
With over 6 million apps to choose from across Apple, BlackBerry, Amazon, Android and Windows, a smartphone can virtually perform any function and can hold as much (or more) data as a full-sized computer.
Of course, criminals will do what it takes to get that data.
Fraudsters are taking advantage of the fact that many have shifted to mobile services, specifically mobile banking. If you’re like 77 percent of the U.S., you probably own a smartphone and use a number of apps available for your device.
Let’s explore why criminals are turning to fake smartphone apps, how they can exploit those apps to commit identity crimes, and ways to help you safeguard your personal information from these identity crime schemes.
Phones are smart, criminals are smarter
Whether it’s to scam you out of your money or steal your sensitive data, the massive app market makes it easy for criminals to create their own fake smartphone apps that can go undetected if you’re not paying attention.
Fraudsters create fake smartphone apps that mimic big-name companies, like financial institutions and retailers, to capture personal information, bank account numbers or even install harmful software on your device. Other criminals trick victims into using their apps by promising extreme discounts or exclusive deals that seem too good to be true.
Like us, criminals are consumers too. They know what apps we’re searching for, what we’ll fall for and how to make themselves look as reputable as possible.
Fraudsters have been known to go as far as buying ad space within legitimate app stores to further support their schemes.
Fake apps, real consequences
If you use mobile banking, fake apps need to be on your radar. Personal finance app clones are especially dangerous because they put your device, financial information and your identity at risk.
Some hackers will create fake smartphone apps that work like phishing attacks to obtain sensitive information such as Social Security numbers, financial account and payment card numbers, birth dates, addresses and more.
Other hackers will use these apps to disguise harmful software, also known as “malware,” that is installed onto your device when you download the app. Malware can be programmed to record your keystrokes to steal login credentials and account numbers, or it can be used to unknowingly send information from your device to the hacker’s home base.
Criminals that obtain login credentials from fake apps can use that information to gain access to other sites. For example, using a fake social media app could potentially give hackers your online bank account information if you use the same login credentials for both sites.
Paired with our tendencies to reuse passwords, the problems that come with using fake apps can extend to other parts of our identities – ranging from personal information, online accounts and monetary funds.
What should you do?
Use these tips to help you and your smartphone steer clear of fake apps:
- Verify the publisher. Be wary of fraudsters who fabricate publisher names to closely match legitimate ones (i.e. Overstock.com vs. Overstock Inc.).
- Check for the presence of reviews and comments. Fake apps will typically have little to no comments and no reviews.
- Review app publish dates. Fake apps will typically have recent publish dates, whereas legitimate apps will indicate that it was “updated on” a certain date.
- Avoid apps that are too good to be true. Do they promise extreme discounts or other deals that aren’t available on similar apps? If so, they’re probably fake.
- When in doubt, always check the company’s official website to find its legitimate app. Avoid downloading apps that are not available on legitimate app stores.
Continue following Fighting Identity Crimes to stay up to date on the latest breach and scam news, as well as tips and tricks from our industry experts on how to protect your identity.
The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.