Wolf in Sheep’s Clothing in 2017: Fake Apps and Phishing Scams


wolf

If you have had an e-mail account in the past decade, you probably recognize this e-mail message:

ATTN: URGENT BUSINESS PROPOSAL

We have thirty million U.S. dollars which we got from over inflated crude oil contracts awarded to foreign contractors in the Nigeria National Petroleum Corporation. We are seeking your help to remit this amount into your bank account. Your commission is thirty percent of the money.

Variations include mention of a Nigerian prince or other members of the royal family seeking to transfer large amounts of money out of the country. These e-mails often ask the recipient to provide bank account and routing numbers to complete the transaction. In reality, these e-mails are scams disguised as a proposal for a lucrative transaction. 

Fast forward to the age of smartphones and applications, many netizens have become online-savvy and know how to spot scam e-mails. However, the scammers have upgraded their wardrobe of disguises to blend in with other commonly used apps and online stores.

Bratislava, Slovakia-based information technology security company ESET spol. s. r.o. discovered a malware that disguises itself as a weather forecast app. The malware—Trojan.Android/Spy.Banker.HU—is a “trojanized version” of otherwise benign weather app Good Weather, ESET said. The malicious app is able to remotely unlock and lock compromised devices and intercept text messages, it said. 

There are other cleverly-disguised malwares and scams. Sunnyvale, Calif.-based cybersecurity software company Fortinet Inc. found a new phishing scam that uses a fake iTunes receipt for movie purchases to access Apple Inc. users’ information. The company said that at the bottom of the fake receipt, there’s a link for a “full refund” in cases of unauthorized purchases. In reality, the link takes customers to a URL designed by the cybercriminals, asking customers to fill out a form with personal information. Fortinet said similar cases were reported in 2015, except those cases used fake receipts for songs and books. 

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.