Security researchers have discovered a stash of more than 150 fake trading, banking, and cryptocurrency apps that are made to steal the funds of its victims.
Fake Crypto Apps
According to Sophos, the fraudulent iOS and Android apps all utilize a common server, suggesting a single cybercriminal group is responsible.
This assumption is widely supported by commonalities in the design of the applications, as well as communications with the fake customer support team.
The scammers are said to have utilized different social engineering techniques to encourage people, especially newbies, to install the fake app, even going as far as creating relationships with potential victims over dating services, according to TechRadar.
In one example, the scam operators created a fake version of the App Store download page in a bid to trick people into thinking that the application originated from a trusted source.
As soon as the app download is triggered, the victim is served with what looks like a standard mobile application, usually mimicking the branding of a popular financial service.
However, the icon is merely a shortcut that links to a fake landing page, where users are encouraged to enter financial credentials or trigger a cryptocurrency transaction, under the guise of topping up the account balance.
Sophos stated that if the victim later attempts to withdraw funds or close out their account, the operators simply block access.
To shield against attacks of this kind, Sophos says there are a few simple steps that all mobile users should take.
Jagadeesh Chandraiah, the Senior Threat Researcher at Sophos, said that in order to avoid falling prey to these scams, users should only install apps from trusted sources like Google Play and Apple's App Store.
Developers of popular apps usually have a website, which directs users to the genuine app and, if they have the skills to do so, users should verify if the app that they are about to install was created by its actual developer.
Chandraiah added that if something seems risky or too good to be true, like high returns on investment, or someone from a dating site asking you to transfer money or cryptocurrency assets into some account, then there is a chance that it is a scam.
Victim of Crypto Scam
Just recently, a woman fell victim to a crypto scam and lost her house deposit.
According to the BBC, the victim was conned into giving away her savings. She warned others not to make the same mistake.
The victim, Julie Bushnell, said that she felt ashamed and embarrassed after falling for a fraud that cost her £9,000 or $12,000.
The scammer used the name of Tesla CEO and billionaire Elon Musk, and a story on a fake BBC website suggesting she could double her money in a giveaway of the cryptocurrency.
Bushnell had invested in cryptocurrency before. She said she spotted an item on a website that appeared to use BBC News branding, claiming that Elon Musk would pay back double the sum of any Bitcoin deposit.
That was when she used her savings to pay, which she had saved up for a deposit for a new home. When no reciprocal payment arrived, it dawned on her that she had been scammed.
Related Article : 'Panda Stealer' Malware Targets Cryptocurrencies like BTC, Ether to Loot via Clickable Links in Discord, Emails
This article is owned by Tech Times
Written by Sophie Webster