Beta-testing apps are services that allow app developers to test mobile apps before they are officially released. However, beta-testing apps are usually not subjected to the review processes of a mobile operating system.
In a public service announcement released this August, the FBI warned that cybercriminals are "embedding malicious code in mobile beta-testing applications" to defraud their potential victims.
The agency also warned that cybercriminals will often try phishing or romance scams to establish communications with the victim. After gaining their trust, the victims will be instructed to download a mobile beta-testing app hidden within a mobile beta-testing app environment, "promising incentives such as large financial payouts."
Here are some potential red flags of a malicious app:
According to the FBI, these malicious apps allow hackers to steal personally identifiable information. The apps can also be used to access the financial accounts of victims and to take over their devices.
The apps may look legitimate because hackers will use names, images or descriptions similar to popular apps. The agency advised users to always check app developer and customer reviews before downloading any app. Users were also warned to restrict app permissions and uninstall apps they're no longer using.
Other malicious apps may request access to permissions that don't have anything to do with its stated functionality. For example, if an app description has spelling and grammatical errors or provides vague, generic information while details of functionality are missing, the FBI warned that people could be trying to download a malicious app.
The FBI said it is already aware of various fraud schemes where unidentified cyber-criminals contact victims on dating and networking apps and instruct them to download mobile beta-testing apps, such as cryptocurrency exchanges, that "enable theft."
Because they believe they are talking to a real person, the victims will enter their legitimate account details into the app. Next, they will be sending money they think will be invested in cryptocurrency, but instead, the victim's funds are sent to the cyber-criminals instead.
The FBI warned that if smartphone users were to download a fraudulent app that is being advertised as a legitimate crypto investment app, they may end up losing money through fake investments.
Additionally, it warned people to avoid sending payment to anyone with whom they have only spoken online, even if it seems like they "have established a relationship with the individual."
The agency advised users to also avoid opening an email, email attachment or message if they seem suspicious even if the installed antivirus software claims that they are safe to open. People should also be careful of unsolicited attachments, even when they come from known individuals, warned the FBI. The agency told users not to download or use suspicious-looking apps as a tool for investing unless they can "verify the legitimacy of the app."
Users were also told to be aware of a sense of urgency or threats, such as an email or notification warning them that "your account will be closed" if they don't comply or a message telling them that they must "act now." (Related: More than 376M SCAM messages sent daily to steal money, clone voices of Americans.)
Visit CyberWar.news for more articles about different scams and cybercrimes.
Watch this video about the employee and patient information exposed in the Norton Healthcare data breach.
This video is from the InfoWarSSideBand channel on Brighteon.com.