Cybercriminals Target Android and iOS Users With Large Scale Frauds Through Fake Trading Apps
Cybercriminals are carrying out large-scale widespread fraud campaigns that feature fake trading apps. Their recent targets have included both Android and iPhone users.
The scheme is being carried out through several fake trading platforms where users are not aware of what’s taking place. This has come in the form of a warning by Group IB’s analysts who are experts in threat intelligence.
The worst part is how fake trading platforms are popping up across so many unauthentic locations, other than the Google Play Store and the Apple App Store. This makes it so much more difficult for users to differentiate what’s real and what’s not.
The worst part is how these apps have the tendency to feature no malware that breaks defense systems but at the same time, they can cause destruction in the form of extracting huge sums of money.
The fact that these apps are so widespread and make use of the same code that’s reused on several different apps is the alarming part. All the fraudsters are even making it worse by getting featured in versions so the masses can be targeted like launches in different languages other than English such as Chinese and Hindi.
These platforms serve as facades of real trading apps. The only plan of these fake apps is to lure victims into bogus trading accounts and that’s where money is gone. You can commonly encounter such activities to come under the pig butchering heading.
This refers to frauds where cybercriminals lure people into making false investments and for months, they keep on tricking them. They also use this to act like they’re growing so much but in reality, it’s far from this.
Other than the usual app stores, you’ll find them wreaking havoc through various phishing websites. The tactics on display entail the requirements for victims to receive invitation codes before getting registered.
All the app requires to take a user onboard is an ID of some kind, even the passport works. Other documents entail personal data and details linked to jobs. Users will agree to the terms and conditions while risking warnings at the same time. After this is done, they roll out instructions on the next step which involves making deposits.
Upon investigation, experts claim the domains in use of the scam seem to be a part of bigger fraud infrastructures where many other domains keep getting registered with similar names. Using web-based apps helps to conceal malicious acts and wards detection. This is where vigilance comes into play and end-user education is a key step.
Anyone getting links from suspicious locations or any unsolicited texts from strangers on these platforms needs to be more wary of the act and stay safe at all times. As the only saying goes, it’s better to be safe than sorry. Hence, only trust apps from reliable and authentic areas and protect yourself from revealing sensitive data online.
In cases when you are asked to download apps from unofficial locations, you need to be firm on the matter and not let the guard down. Don’t forget to review publishers, ratings, and reviews. These also are very helpful in stopping scams.
Read next: Google Confirms Showing Ads On AI Overviews Very Soon
