Tech Alert for the Holidays

Watch Out for Fake Apps!

The holidays are here and the scammers are out in full force. Their latest trick is fake apps. Starbucks started the first “retail app”, and many stores have followed.

But scammers are now creating fake apps, trick you into downloading them to your smartphone or tablet, and ask you to load your credit card information in these apps. You can guess what happens next.

Here are 5 things to think about

  1. Be very judicious in deciding what app to download. Better safe than sorry.
  2. If you *do* decide to download an app, first thing to check is the reviews, apps with few reviews or bad reviews are a big red flag.
  3. Never click on a link in any email to download a new app. Only go to the website of the retailer to get a link to the legit app on the AppStore or Google Play.
  4. Give as little information as possible if you decide to use an app.
  5. Be very, very reluctant to link your credit card to any app!

Tech Scam Alert: Fake Apps

App ID Theft

The New York Times warned about a new kind of ID theft: App ID theftjust in time to deceive holiday shoppers. It’s something you need to alert your employees, friends and family about because it can be damaging in several ways.

So-called “retail apps” are cool again, but think before you click! Apple’s App Store is getting crowded with fake impostor apps and Google Play is having the same problem.

The counterfeiters have masqueraded as retail chains like Dollar Tree and Foot Locker, big department stores like Dillard’s and Nordstrom, online product bazaars like Zappos.com and Polyvore, and luxury-goods makers like Jimmy Choo, Christian Dior and Salvatore Ferragamo.

They appear to be legitimate retail store apps — in some cases, they fill a void left by retailers that don’t have apps — but when users install them, the criminals can steal victims’ personal information, or installTrojans that exfiltrate confidential information from smartphones and tablets.

How could this be happening?

Google and Apple’s algorithms to keep malware out of the app store are highly automated, and that is where the problem lies. These fake apps don’t have malicious code. They simply aren’t what they say they are, and that takes a human to see. Apple and Google simply cannot keep up.

Consumers initially rejected store-specific apps because there was no real value. Now, like the Starbucks app, these apps have become gift cards with benefits and people love them. So, what changed is “digital stored value” that make apps like debit/credit cards. Other retailers are racing to copy them. Dunkin Donuts was first, then CVS, and now McDonald’s, for example.

The retailers who are most exposed are the ones with no app at all. Dollar Tree and Dillard’s, for example, have no official iPhone apps, which made it easier to lure their customers to the fake apps. Consumers are willingly loading credit cards into these apps, which really opens the door for the scam artists.

There is more information about this at the New York Times:
http://www.nytimes.com/2016/11/07/technology/more-iphone-fake-retail-apps-before-holidays.html 

Comments are closed.