Cybercriminals Are Targeting App Beta-Testing, and This Is What to Look Out For

Key Takeaways

  • Be cautious of unsolicited messages offering beta access to apps. Scammers may use dating apps to establish trust before convincing you to download a malicious app.
  • Check the developer’s history and reviews. Avoid apps with a history of bad reviews and apps whose developer you can’t find any information about. Lack of reviews, bad reviews, or suspiciously positive reviews are red flags.
  • Pay attention to app permission requests. If a request seems unreasonable or makes you uncomfortable, avoid the app. Cryptocurrency exchanges, for example, should not require access to your contacts or camera.

Beta-testing mobile apps can be an exciting and rewarding experience. Before diving in, you should know it comes with a few cybersecurity risks. Most significantly, criminals can use fake beta tests to steal your data or money.

Here’s a closer look at these schemes and how to avoid them.

How Do Mobile App Beta-Testing Scams Work?

An August 2023 FBI announcement warned users of a trend in app beta-testing scams. Victims start by downloading a seemingly innocent app that its creators present as a beta version of an upcoming release. However, it’s little more than a phishing front. Most victims are lured into the beta-testing scam by fake profiles on dating apps that establish trust with victims before convincing them to download the beta-testing app.

The malicious apps enable theft of personally identifiable information (PII), financial account access, or device takeover. The apps may appear legitimate by using names, images, or descriptions similar to popular apps.

How a scam app steals from you depends on the kind of service it pretends to be. Fake cryptocurrency exchanges are among the most frequently abused beta-app scams. Once the app is downloaded, any money the victim spends trying to buy crypto goes straight to the criminals, and the victim gets nothing or a valueless fake token in return. Other scam apps install malware in the background, including keyloggers, spyware, or remote access Trojans (RATs) that pull sensitive data from your phone, such as banking credentials, social media passwords, and so on.

Beta apps are ideal for criminals because app stores don’t vet these programs as they do the final versions. As a result, it’s a lot easier to get away with a scam “beta” app than to get a finished product into an official store. However, a Google spokesperson told Bleeping Computer that every app goes through the same testing process, beta or not, so beta status doesn’t make a difference.

It seems more likely that victims are sent a malicious APK on Android to install outside of the Play Store environment, dodging any inbuilt protection from Google’s app store.

4 Red Flags of Dangerous Apps

If you want to beta-test apps, it’s important to understand the risk and learn how to spot beta-app scams.

1. Someone Contacts You Offering Beta Access

The biggest red flag for a scam beta app is someone contacting you out of the blue on any platform, not just dating and romance apps. Even if you’ve been chatting to someone for a while, if they suddenly turn the conversation to crypto or suggest you use a new, unreleased version of an app, it’s extremely likely to be a scam of some type.

These messages might carry a sense of urgency, too, like, “Use it now before the app expires” or “Make sure to try it before your account is closed,” or something similar.

2. Suspicious Developer History and Limited Reviews

One of the best ways to spot a scam app is to look at its developer. If the company has a history of bad reviews, it’s best to avoid them. It’s equally suspicious if you can’t find any information about it.

Also, check the app’s reviews if possible. Beta versions will naturally have fewer reviews than finished products, but if there aren’t any at all, it’s a red flag. That’s especially true of apps with high download numbers. Bad reviews should also steer you away, as should good ones that sound quickly written or robotic. You might also find that you’re not able to leave a review at all, which is another bad sign.

3. Unreasonable Permission Requests

Permission requests that don’t seem reasonable or don’t make sense for the app’s service are another red flag. There’s no reason a cryptocurrency exchange should have access to your contacts or camera. As a rule of thumb, avoid the app if a request seems odd or makes you uncomfortable.
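For readers who can inspect an Android app's manifest before installing it (the manifest inside an APK is binary and has to be decoded to text first, for example with apktool), the check above can be automated. The following is an added example, not part of the original article: the per-category baseline, the function names and the sample manifest are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace Android uses for attributes such as android:name.
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed baseline for illustration: permissions a crypto-exchange app would
# plausibly need. Not an official list; adjust per app category.
BASELINE = {
    "crypto_exchange": {
        "android.permission.INTERNET",
        "android.permission.ACCESS_NETWORK_STATE",
        "android.permission.USE_BIOMETRIC",
        "android.permission.POST_NOTIFICATIONS",
    },
}

# Constructed sample manifest (decoded text XML), not taken from a real app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.exchange.beta">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.USE_BIOMETRIC"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission-sdk-23 android:name="android.permission.READ_SMS"/>
    <application android:label="Exchange Beta"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Return the set of permission names the manifest requests."""
    root = ET.fromstring(manifest_xml)
    names = set()
    # Both element types declare a requested permission.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                names.add(name)
    return names

def unexpected_permissions(manifest_xml, category):
    """Return requested permissions outside the category baseline, sorted."""
    return sorted(requested_permissions(manifest_xml) - BASELINE[category])

if __name__ == "__main__":
    for perm in unexpected_permissions(SAMPLE_MANIFEST, "crypto_exchange"):
        print("review before installing:", perm)
```

On the sample, the contacts and camera requests the article singles out are flagged, along with SMS access.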

4. Poor Descriptions

You should also look at the app’s description. Cybercriminals often create content quickly because its quality doesn’t matter much to them. Consequently, scams are more likely to have spelling errors or poor grammar than something from a legitimate business, which is a red flag throughout the security world. Vague descriptions, overly generic images, and value statements should also raise alarms.

Watch Out for App Testing Scams

App beta-testing scams are more common than you may think, but you can spot them if you know what to watch for. Once you know these threats exist and what they normally look like, you can find genuine apps to test without risking your security.


National Cyber Security