March 27, 2017
That Fake App Just Stole Your ID
Ryan loved tweaking photos on his Android phone.
He’d heard rave reviews from his friends with iPhones about Prisma, a new iOS app for image editing. So when he heard Prisma would soon be released for Android, he logged in to the Google Play Store to see if it was there yet.
To his surprise, he found one that looked just like what his friends were describing. Delighted, he downloaded and started using it. Meanwhile, the app—a fake—was busy installing a Trojan horse on his phone.
When he got to work the next day, he logged his phone into the company network as usual. The malware jumped from his phone to the network. Yet no one knew. Not yet, but that was about to change…
Now, this isn’t necessarily a true story (at least, not one we’ve heard of—yet…), but it absolutely could have been. And similar situations are unfolding as you read this. Yes, possibly even at your company…
Fake apps exploded onto iTunes and Google Play last November, just in time for holiday shopping. Apple “cleaned up” iTunes in an effort to quell users’ concerns, but hackers still find workarounds. Unfortunately, these fake apps pose a real threat to the security of your network. Especially if your company has anything but the strictest BYOD (bring your own device) policies in place. And the more your network’s users socialize and shop on their smartphones, the greater the risk of a damaging breach on your network.
Fake apps look just like real apps. They masquerade as apps from legitimate merchants of all stripes, from retail chains like Dollar Tree and Footlocker, to luxury purveyors such as Jimmy Choo and
Christian Dior. Some of the more malicious apps give criminals
access to confidential information on the victim’s device. Worse yet, they may install a Trojan horse on that device that can infect your company’s network next time the user logs in.
So what can you do?
First, keep yourself from being fooled. You can easily be tricked unless you know what to look for. Take the following advice to heart and share it with your team:
Beware of Fake Apps!
Take a moment and reflect on these five tips before downloading any app:
- When in doubt, check it out. Ask other users before downloading it. Visit the store’s main website to see if it’s mentioned there. Find out from customer support if it’s the real McCoy.
- If you do decide to download an app, first check reviews. Apps with few reviews or bad reviews are throwing down a red flag.
- Never, EVER click a link in an
e-mail to download an app. Get it from the retailer’s website, or from iTunes or Google Play.
- Offer as little of your information as possible if you decide to use an app.
- Think twice before linking your credit card to any app.
Most importantly, get professional help to keep your network safe. New cyberscams, malware and other types of network security threats are cropping up every day. You have more important things to do than to try and keep up with them all.
The Most “Bullet-Proof” Way To Keep Your Network Safe
Don’t let your company become yet another statistic, hemorrhaging cash as a result of a destructive cyber-attack. Make sure your systems are safe.
A great first step is a Cyber Security Risk Assessment, which checks your network for any points of entry for an attack. This assessment is FREE for the first 6 businesses that apply, but DON’T RISK WAITING. E-mail email@example.com NOW before the next scam puts your network at risk.