Scammers are using a network of fake apps to steal funds from crypto newbies

Security researchers have identified a “stash” of more than 150 fake trading, banking and cryptocurrency apps designed to steal victims’ funds.

According to Sophos, the fraudulent iOS and Android apps all utilize a common server, suggesting a single cybercriminal group is responsible. This assumption is supported by commonalities in the design of the applications, as well as communications with the fake customer support team.

The attackers are said to have utilized various social engineering techniques to encourage people to install the malicious apps, even going as far as to build relationships with potential victims over dating services.

In one instance, the scam operators created a fake version of the App Store download page, in a bid to trick people into thinking the application originated from a trusted source.

Fake crypto apps

When the app download is triggered, the victim is served with what looks like a standard mobile application, often mimicking the branding of a popular financial service.

However, the icon is merely a shortcut that links to a fake landing page, where users are encouraged to enter financial credentials or trigger a cryptocurrency transaction, under the guise of topping up their account balance.

According to Sophos, if the victim later attempts to withdraw funds or close out their account, the operators simply block access.

To shield against attacks of this kind, Sophos says there are a few simple steps that all mobile users should take.

“To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store. Developers of popular apps often have a website, which directs users to the genuine app and, if they have the skills to do so, users should verify if the app they are about to install was created by its actual developer,” said Jagadeesh Chandraiah, Senior Threat Researcher at Sophos.

“Last, but not least, if something seems risky or too good to be true – such as high returns on investment or someone from a dating site asking you to transfer money or cryptocurrency assets into some ‘great’ account – then sadly it probably is.”



from TechRadar - All the latest technology news https://ift.tt/3hzUTpT
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us