Your browser is obsolete!

The page may not load correctly.

Banknote thieves

Похитители дензнаков

Other issues in this category (6)
  • add to favourites
    Add to Bookmarks

Card tricks

Read: 684 Comments: 3 Rating: 9

We often have to return to the same old themes: virus makers and scams. Sometimes, we get weary of repeating ourselves, but people keep falling for the same old tricks.

We’ve written about rogue applications on Google Play on many occasions, but new malicious programs keep emerging in online software catalogues. So let's take a fresh look at the problem.

We'll consider the Universal Mobile ATM app as a typical fraudulent example.

#drweb

Today many people use multiple bank cards, so the idea of accessing several bank accounts from a single window seems like a no-brainer. The result is lots of glowing user reviews on the application's page.

So, what should arouse our suspicion?

First of all, that a program can access several banks' infrastructures directly appears somewhat doubtful. Obviously, any communication with a financial institution is supposed to be well protected—essentially to keep miscreants at bay. But since ordinary users normally don't think about such things, we'll consider another argument instead.

The fact that the application prompts users to divulge confidential information is suspicious beyond doubt.

Important! Financial transactions are usually conducted via receive and reply SMS messages. And fraudsters are well aware of that. To conceal their malicious activities, they either intercept or modify messages from banks.

All scam warnings specifically state that nobody (banks included) can request any passwords, codes or any other information associated with transaction verification. But the fact that scammers aren’t yet extinct means those warnings aren’t reaching all of their intended recipients.

No sooner did I type a full stop in the previous sentence than my wife messaged me to say that I needed to call her mother because someone called her on behalf of her grandson, and now she is panicking.

Scammers.

Let's continue. The overall tone of the users' feedback is praising… But, in this case, the fraudsters were too bold and attempted to withdraw a substantial amount. They were exposed and negative reviews appeared instantly. But some scammers aren't that greedy.

As many as 31 five-star reviews!

#drweb

A lot of positive reviews in a brief period of time. People are lazy, and negative reviews tend to appear more often than positive feedback. That's why a lot of praise with few remarks about shortcomings should put users on guard.

By the way, scammers can take advantage of negative feedback too.

They monitor users' reviews on the social media pages of banks. Those who leave complaints or questions often receive replies from fraudulent accounts, ostensibly belonging to bank employees. Then the same pattern will be used—the swindlers will try to fish out logins and passwords users receive in SMS messages.

https://www.eg.ru/tech/444634

Similar wording in reviews. That's not the case here—the fraudsters were diligent enough to compose unique reviews, but this doesn't happen often, and one may have a hard time coming up with lots of texts that don't plagiarise each other in any way.

#virus-maker #fraud #mobile #Google_Play

Dr.Web recommends

What can we add to the above remarks?

  • If possible, use a separate device to communicate with banks. Thus you will be less likely to miss a notification because of fraudsters.
  • Get yourself two bank cards, and don't keep a large amount on the card account you use most often. Should swindlers gain access to it, you won't lose much.

Google reported that over 700,000 "bad” Android apps were removed from Google Play. According to the official developers' blog, in 2017 the number of applications violating Google Play policies was 70% higher than in 2016.

We feel good that our company has worked hard to clean Google Play of rogue software, but it's still not a completely safe space yet. Stay vigilant, and don't fall for scammers' tricks.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments