To fight the threat of malware-infected apps being loaded onto Android phones and other devices, Google recently added a security scanner known as "Bouncer" to the Android marketplace. The scanner begins analyzing new apps as soon as they are uploaded, greatly increasing the chances of malware and trojans being detected before unsuspecting consumers download them. Unfortunately, as usual, the scammers who create those apps have already found a way to get around the Bouncer scan. It seems they've learned a trick from some of the PC scammers and are using Facebook to do the dirty work.
Links to a new malware app are being spread around Facebook using fake user profiles that send friend requests to potential victims.
Clicking on one of the links downloads the file automatically, without giving you any further description of the app than however it was described by the fake profile. If you fall for the ruse and install the app then the malware will automatically dial premium-rate phone numbers, with the profits for the call going directly to the scammers who created and distributed the app.
This isn't as straightforward as downloading a virus or malware in Windows, of course; a few things do have to happen before your phone can be infected. You have to both download and install the app, obviously, and you have to have your phone set up to accept apps from locations other than the Android Market. It's important to note however that if you've ever downloaded apps from Amazon.com or other sites then you most likely already have your Android phone set to install apps from non-Market locations.
I wish that I could say that there was no need to put out this warning since everyone already knows not to click random links on Facebook or install software if they don't know what it is. The thing is, these scammers are quite creative ---and creators of these types of malware laced apps, know that there is always a portion of the population that will for their savvy scam and install the app.
In the end, this malware app scam simply highlights the importance of being smart with both your online browsing and how you care for your mobile devices.
Robin Slade, President & CEO of FraudAvengers.org reminds readers;
Implementing simple steps and taking preventive action can lessen your exposure to identity theft;
•Keep your Bluetooth off if you're not using it. Bluetooth technology gives electronic devices the ability to communicate wirelessly. But savvy fraudsters can pair their electronic devices to yours to access your information.
•Only download apps from reputable companies. Check the user comments and ratings for the app, and make sure you are comfortable with the access permissions granted to the application.
•Avoid making financial transactions using a "hotspot" or public wireless network.
•Password protect smartphones and tablets to lock your device when it's not in use. Some mobile devices, such as the iPhone, have the ability to erase all data after multiple failed passcode attempts.
•Consider mobile security software. Some services include remote tracking that allows you to lock or erase data on your phone remotely if your device is lost or stolen.
Remember, the first line of defense starts with you.
Think fraud! If not now, when?
Leave a comment