In order to steal your login data, cyber criminals are currently using imitations of popular apps such as WhatsApp. This is how you can recognize the dangerous fakes.
Beware of a malware-infected version of WhatsApp. (Source: Netzwelt)
These apps are not what they seem
This is how data theft succeeds
How to protect yourself
Cyber criminals know many ways to get hold of your personal data. Almost every day you have to deal with phishing emails in the name of banks or annoying spam calls. However, if you have developed an eye for the scams and know what clues reveal them, it is relatively easy to recognize them. The situation is different with fake apps.
Software infected with malware often appears legitimate at first glance. In addition, the fraudsters often manage to smuggle the malware into the Google Play Store, which is actually considered a safe source. Cyber criminals also use this method to cause problems for owners of Android devices.
Security experts from Sonicwall Capture Labs have come across five dangerous apps that pretend to be popular software. One of them is the messenger WhatsApp. The main target of the cyberattack is your passwords. A simple trick is used to get hold of them.
These apps are not what they seem
To get you to download the malicious apps, the criminals give them a new coat of paint. They use the look of popular applications for the icons. This sometimes makes it seem as if the software is genuine.
You can recognize some of the fake apps by their icons. (Source: Sonicwall Capture Labs)
However, some icons can be immediately identified as fake if you know the original. The five fake apps in question imitate Instagram, Snapchat, WhatsApp, Google and X (formerly Twitter).
If the deception works and you download one of the apps, the first thing you’ll be asked for is “Device Management” and “Accessibility” permissions. This should set off alarm bells. This is because this approach is not normal. With this permission, applications can change settings on your smartphone without your intervention. This is exactly the plan of the integrated malware.
This is how data theft succeeds
With your access confirmation, the malware can take control of your smartphone or tablet. In doing so, it collects sensitive information about you. It also establishes a connection to the cyber criminals via a server and waits for further commands.
If instructed, the malware can forward your chats, call lists and contacts to the fraudsters. Sending fake messages and visiting phishing sites is also no problem for the malicious software. This is how the criminals also get hold of your login data.
The phishing pages are difficult to distinguish from real login windows. (Source: Sonicwall Capture Labs)
The malware uses fake HTML files to direct you to Instagram, PayPal, Netflix, Facebook, or even Microsoft sites. A login window opens immediately, where you are asked to enter your login details. In reality, however, it is a fake. If you enter your data, it is immediately forwarded to the cyber criminals.
After that, it is easy for them to take over your accounts. This means that highly sensitive data falls into the hands of the fraudsters. The consequences can be major financial damage and identity theft.
How to protect yourself
According to security researchers, the method used to spread the five fake apps is not yet known. This is precisely why the right protective measures are extremely important. If you want to download an app for your Android device, you should always use a trustworthy source. We therefore advise extreme caution when downloading from outside the official Google Play Store.
However, Google’s App Store is no guarantee of safe software. Programs infected with malware keep cropping up there. So always pay close attention to the name of the app, the manufacturer, and the rating and comments. You can also identify the five fake apps this way. The Instagram clone, for example, is distributed under the name “Instagram indo”.
To prevent your account from being taken over by cybercriminals if you fall for a phishing scam, you should also set up two-factor authentication on all accounts where possible. However, since this malware has access to your messages, it could circumvent the security system.
We recommend that you scan your mobile device for the affected apps and delete them immediately. An antivirus program can be a great help in locating them and protecting you in the future. If one of the applications was actually on your phone, you should also change all your passwords immediately.
- ” Tip: The best VPN providers for more security and data protection
- » Buy a balcony power plant: Comparison of the best solar systems
Don’t miss anything with the NETWORK-Newsletter
Every Friday: The most informative and entertaining summary from the world of technology!