Fake Finance Apps Focus On Theft

Uploaded on 2021-06-07 in FREE TO VIEW, BUSINESS-Services-Financial, GOVERNMENT-Law Enforcement

Criminals have published hundreds of bogus banking, finance, and crypto-currency apps that steal your money. A team of researchers at Sophos say they have identified as many as 167 fake banking, trading and crypto-currency apps that criminals are using to steal money and financial information from unsuspecting users.

These fraudulent applications are aimed at exploiting the increased interest in trading apps, driven by the recent significant rise in the value of crypto-currencies.

These are also led by interest in low-cost or free stock trading driven by stories like that of the recent social-media driven speculation in GameStop stock where there has been an extraordinary rise in the share price of the ailing video games retailer GameStop amid a surge of bets by small investors. 

The researchers discovered the fake apps while investigating another bogus mobile trading app, which presented itself as one linked to Asian gold trading firm Goldenway Group. The cyber criminals operating these fake Android and iOS apps used counterfeit websites, social engineering techniques, and a fake iOS App Store download page to trick potential victims into believing that they were downloading and installing a legitimate app. In one case, scammers targeted a user through a dating website, where they tricked him into downloading a fake crypto-currency trading app. They avoided requests for face-to-face meetings, citing the pandemic, but encouraged the user to buy crypto-currency and transfer it into their wallet. When the victim tried to close the account or withdraw money, the scammers blocked account access.

Sophos said all the fraudulent apps it identified use a common server and similar designs, suggesting that a single group or entity is responsible.

Some apps offered a customer support chat option, and were observed to be using near-identical language when contacted.
During investigation of one of the apps Sophos encountered a server which was hosting hundreds of fake trading, banking, foreign exchange, and crypto currency apps. 

Among them were counterfeit apps impersonating major financial firms and popular crypto-currency trading platforms, including Barclays, Gemini, Bitwala, Kraken, Binance, BitcoinHK, Bittrex, BitFlyer, and TDBank. Each of these fake apps had a dedicated website tailored to the impersonated brand to better fool potential victims. "People trust the brands and people they know, or think they know, and the operators behind these fake trading and crypto-currency scams ruthlessly take advantage of that," said Jagadeesh Chandraiah, a senior threat researcher at Sophos.

To protect themselves against this kind of scam, Chandraiah advised mobile users to only install apps from trusted sources, like Apple and Google's official app stores. He also stressed the need for people to be cautious about websites or apps that claim unrealistically high returns on investments. "If something seems too good to be true - promised high returns on investments, or professional-looking dating profiles asking to transfer money or crypto assets - it's likely a scam," Chandraiah said.

Unverified and third-party mobile apps are a long-standing and growing security issue. Last year, researchers reported about two malware campaigns targeting Android users with apps that claimed to optimise smartphone performance but actually delivered malware. 

Also last year, researchers at Kaspersky uncovered a cyber espionage campaign that had used the Google Play Store to distribute malware for about four years, proving that even the official app stores aren't completely safe.
Dubbed 'PhantomLance', the campaign was linked to threat group APT32 or OceanLotus, which is thought to have backed by the Vietnamese government.

Innocent people tend to put trust in things that are presented by someone they think they know.  And since these fake applications impersonate well-known apps from all over the world, the fraud is that more believable. If  something seems too good to be true, promised high returns on investments, or professional-looking dating profiles asking to transfer money or crypto assets and this is probably a scam.

Romance scams involve people being duped into sending money to criminals who go to great lengths to gain their trust and convince them that they are in a genuine relationship. They use language to manipulate, persuade and exploit so that requests for money do not raise alarm bells. These requests might be highly emotive, such as criminals claiming they need money for emergency medical care, or to pay for transport costs to visit the victim if they are overseas. Scammers will often build a relationship with their victims over time.

To avoid falling prey to such malicious apps, users should only install apps from trusted sources such as Google Play and Apple’s app store. 

How to Report Fraud

If you think you have been a victim of a romance scam, do not feel ashamed or embarrassed, you are not alone. Contact your bank immediately and in the United Kingdom report it to Action Fraud on 0300 123 2040.  

Sophos:       Coin Market Cap:          Computing:       Guardian:       Action Fraud

You Might Also Read:

Online Fraud Costs British Investors £63m:

 

« Microsoft’s Defensive Playbook
Identifying & Minimizing Security Vulnerabilities For Your Organization »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

2|SEC Consulting (2-SEC)

2|SEC Consulting (2-SEC)

At 2|SEC Consulting, we deliver an end-to-end service of cyber and information security solutions which are tailored to each client’s exact security needs.

Conceptivity +360 Cybersecurity

Conceptivity +360 Cybersecurity

Conceptivity +360 Security addresses advanced cybersecurity and supply chain security issues in policy, regulatory, legislation, standardisation, compliance and project management areas.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

VietSunshine

VietSunshine

VietSunshine is a leading provider of network security infrastructure and solutions in Vietnam.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

IoT Security Institute (IoTSI)

IoT Security Institute (IoTSI)

IoT Security Institute is an academic and industry body dedicated to providing frameworks and supporting educational services to assist in managing security within an Internet of Things eco-system.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

Founder Shield

Founder Shield

Founder Shield is a data driven insurance brokerage focused excusively on rapidly evolving high-growth companies.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

Nanitor

Nanitor

Nanitor is a powerful cybersecurity management platform focusing on hardening security fundamentals across your global IT infrastructure.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Knownsec

Knownsec

Knownsec provides customers with cloud defense, cloud monitoring, and cloud mapping products and services with "AI + security big data" as the underlying capability.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.

ITConnexion

ITConnexion

ITConnexion is an Australian-based Managed IT Service with over 20 years of experience. We offer a complete IT management service for non-profits, SMEs, and enterprises.