Shoppers looking for an early Black Friday bargain has been warned against online services that appear too good to be true.
Security firm Zscaler says it has uncovered fake apps that appear to offer early access to Amazon’s ‘Black Friday’ and ‘Cyber Monday’ offers and deals, but in reality contain malware that can scam large number of people.
Shoppers who install the app could be at risk of having their personal information or payment details stolen, the company is warning.
Once installed, the malware disguises itself as a legit Amazon app, but when started up, loads another app named “com.android.engine”. This application then asks for administrative privileges and other risky permissions like sending SMS and dialling phone numbers, rooting itself on to the device and meaning it cannot be easily removed.
It will then begin displaying the error message: “Device not supported with App”, making the user think they should delete the fake Amazon app, but leaving the malware in place.
This then loads a code routine to collect victim’s browser history and bookmarks, as well as being able to able to harvest the call logs, received inbox messages and segregate it into sender’s numbers, SMS body, received incoming call number and contact names.
“Especially during this shopping season, consumers need to be aware of the applications they’re downloading and stay away from such fake apps,” Zscaler warns.
“Always install applications from legitimate app stores and websites. Be aware of the permissions asked by the application during installation. Shopping apps should not be asking for access to your contacts or SMS. Keeping an eye on the permissions used by the app can save you from installing such fake apps.”
Take our data breaches of 2015 quiz here!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…