Trusting android apps blindly will make you pay for real

CrimeScience & Technology

NP NEWS NETWORK

[amazon_link asins=’B0756RF9KY,B01FM7GGFI,B01DDP7D6W,B0784D7NFX,B077PWBC7J,B071HWTHPH,B078BNQ313,B0756ZJKCY,B0746JXMWV’ template=’ProductCarousel’ store=’policenama100-21′ marketplace=’IN’ link_id=’4f51291a-940b-11e8-97ff-8178046acc3d’]

Be careful before you trust any android app on Google Play store as an illicit case of cyber-crime has come up on Monday, in which fake android apps were being operated by some unidentified hackers of three well known banks of India; ICICI, HDFC and RBL. The hackers were allegedly fooling some credit card owners.

According to information given by ESET last week, an IT security firm in Bratislava, Slovakia, the following android apps were available for download on the Play Store between June and July 2018 and information like credit card account numbers, names, expiry dates, and CVV was channeled by the customers through fake application forms which the potential victims had filled up.

Not only was this, but the intimate information about the customers was stolen and also made viral online. The report given by ESET said, the application forms on the app were uploaded with a target of increasing the credit card limits of the credit card owners but unfortunately their information was stolen been misused.

According to sources, the banking apps were easily identifiable as the apps only required the personal banking details of the customer and not any other details related to the functioning of the app.

The victims were been fooled and were traced back to only one criminal. One was removed after the other, a clear indication that the attackers were hustling to get something out of it.

The company has advised all mobile banking app users not to fall into the trap led by the hackers and cheaters who promise to increase credit card limits, especially when the transactions are not done in person or in legitimate correspondence. Also, users are strictly warned to pay attention to the number of downloads of an app as well as check the ratings and reviews before downloading an app from the Google Play Store.

“The data entered into the bogus forms is sent in plain text to the attacker’s server. The listing of the stolen data on that server is accessible to anyone with the link, without requiring any authentication,” wrote ESET. “For the victims, this amplifies the potential damage, since their sensitive data is not only at the attacker’s disposal, but potentially available to anyone who comes across it.”

ESET (Enjoy Safer Technology), has discovered many fake apps earlier which were supposedly run by the hackers like Pokemon Go, etc.

According to an app developer Aviraj Marathe, “A developer can easily replicate a Graphical User Interface (GUI) of any mobile application.” He also shared how these apps are stealing the data. He said “these apps are built exactly similar like a original banking app and uploaded to play store. When user search for a particular app on play store these apps are shown in search results and due to lack of any technical understanding they download these apps. Once a user downloads a app. The app has a login screen where user need to put his credentials this is where the hacker gains a private user data as the user inputs his details. The data is then sent to hackers’ server in plain text format leaving all his valuable personal data highly vulnerable.”

When asked on how to identify a genuineness of an app, he said “User needs to check number of downloads, star ratings review, developer name, website and email. Most of the banks have their app links on their web portals so users can cross check play store links with bank websites as well.”

Even after so much of alerts and warnings given by the banks via mails and SMS sent to the bank customers, people are still been tricked by the culprits. When are people going to think and act smart, and act accordingly? The citizens of India really need to act smart with the change in generation and passage of time.

Staying safe from the scams prevalent all over India is really important. Here’s what you need to know before downloading a mobile app from Google play store:

  • Check the reviews: The app rates and the reviews of an app given by the people should be examined properly before downloading an app from play store.
  • Go through the app thoroughly: Do an in-depth research on the details of the app and inspect the authenticity of the pages.
  • Look for the name of app developer: Look for the name of the app developer as in case of any miss-hap, the app developer shall be held responsible.
  • Don’t trust apps easily: Be careful before sharing personal details on any app as the apps after invading into your privacy can misuse the details.

You might also like More from author

Comments are closed.