The FBI recently issued a warning about scammers infecting malware in mobile beta testing apps. Everyone uses a multitude of apps, but before they are formally made available, it is common for legitimate developers to make a limited number of the apps available for what is called beta-testing to help determine flaws and make improvements in the final version of the app before the app is made generally available in places like Google Play, the App Store or the Microsoft Store. Scammers take advantage of this situation to offer apps they create with intentionally injected malware. One aspect of beta testing apps that works to the advantage of scammers is that unlike the final version of apps offered at the usual app stores, beta tested apps are not subject to mobile operating systems’ review processes so they have not been screened before being offered thereby making it easier to disguise their malware.
These malicious apps often appear legitimate with easily counterfeited names, images and descriptions of popular apps. Scammers lure their victims into downloading the apps through phishing emails or often after building trust through a romance scam. The malicious apps can steal information and use it to make someone a victim of identity theft. Another common malicious app appears to be a cryptocurrency exchange that lures people into thinking they are investing in cryptocurrencies, but end up merely sending their funds to a scammer.
TIPS
Personally, I think the risk is too great to use beta testing apps. After years of working in the world of scams, I may be a bit paranoid, but remember, even paranoids have enemies. If you are considering down loading a mobile beta testing app, make sure you research the app’s developers to make sure they are legitimate. Cryptocurrency and investment apps that are in the beta testing mode should be avoided because, at best they have not been fully vetted. For the same reason, you should avoid beta testing apps that ask for personal information.
Common signs of malicious apps to be on the lookout for include your battery draining faster than usual, slow processing speed, persistent pop-ups and requests for permissions that don’t seem to match the described function of the app.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and insert your email address where it states “Sign up for this blog.”