Digital scams come in a million shapes and sizes these days. But one place where they are proliferating is your smartphone’s app store. With more than 1.5 billion mobile devices sold in 2016, the opportunities for cybercriminals are massive.
In January, the Federal Trade Commission issued a warning to consumers about phony shopping apps that appear to belong to legitimate brands. Instead, these apps are designed to harvest credit card information, which can then be sold on the black market.
More recently, news articles have highlighted a deficiency in Apple’s App Store Search Ads product, which allows illicit apps to show up on a search result’s first page. For instance, as of early June, when you search “virus scanner” in the App Store’s search bar, a scam app called “Protection for iPhone — Mobile Security VPN” comes up first. When downloaded, this app explains how it will reroute all of your Internet traffic (including every account you log in to with usernames and passwords), then asks whether users want to upgrade from “Free Trial to Premium Protection” — for the low, low price of $99.99 a week. If only a few hundred users are tricked into signing up for these recurring subscriptions, cybercriminals can generate more than $80,000 a month.
Many of these scam apps contain keywords related to cybersecurity: VPN, virus scan, malware, password generators, Wi-Fi, and mobile security. But it’s not limited to such serious topics: earlier this year, more than two million Android users fell victim to malware hidden in fake companion apps downloaded through the official Google Play Store for popular mobile games like Pokémon Go and FIFA Mobile.
And just last week, security researchers revealed that more than 800 Android applications in the Google Play Store were embedded with Trojan horse adware designed to steal personal information and execute malicious code that can send the info to remote servers.
So what can you do to avoid such malicious apps and online scams?
1) Exercise caution before downloading any apps through your smartphone’s online store.
Scan the title and description of any app for misspelling, grammatical mistakes, and other telltale signs of a scam. Read the reviews carefully — do they seem like they’re written by real people? Are there multiple five-star reviews composed in broken English — or worse, no reviews at all? You can also review the screenshots that are required to be included in an app store description — if they look grainy or low resolution, avoid downloading that app.
2) Avoid clicking on pop-up ads.
This applies to websites just as much as it does to mobile apps, but if you see a lot of irritating pop-up ads after downloading an app, use caution (and consider deleting the app). One of the aforementioned “mobile security” apps led to a screen that gave users the chance to play a bubble game for free, with just one simple click. But making that click can lead a user to an illicit external web address that then installs malware or other viruses on your device.
3) Rely on a trusted IT provider for your cybersecurity needs.
The most comprehensive managed IT services automatically deploy security patches and software updates, keep a constant eye on system operations and Internet traffic, and provide reliable, 24×7 Help Desk services. These kinds of solutions allow you to keep your business running and your employees productive while you can maintain a focus on client service and revenue growth instead of cybersecurity headaches.
The recent onslaught of cybersecurity troubles has many of today’s business owners and employees concerned about the integrity of their systems and critical data. At CMIT Solutions, we go the extra mile to keep your computers, laptops, and mobile devices safe from scammers, spammers, and digital criminals. If you have questions about your cybersecurity environment, contact CMIT Solutions today. We worry about IT so you don’t have to.