Installing beta versions of apps to get newer features before others or simply to try out new features and changes coming to apps in future has become a common phenomenon. However, this has led to the rise of a new type of scam and phishing attack.
FBI warns about a new beta app scam
The Federal Bureau of Investigation has issued a warning against installing beta versions of apps as cybercriminals have started embedding malicious code in mobile beta-testing applications (apps) to defraud potential victims.
For those unaware, beta apps are basically pre-release version of apps that developers issue to users in order to test new features and receive feedback based on them in order to improve and refine the overall experience before the official rollout.
How malicious beta apps affect users
According to the warning issued by the FBI, these malicious apps pose a risk of enabling theft of personally identifiable information (PII), financial account access or device takeover. These beta mobile apps claim to be from authentic sources and pretend to be legitimate by using names, images or descriptions similar to the original apps.
How beta mobile app scam works
Phishing or romance scams are two main ways for cyber criminals to establish communications with the victim. Once the communication is established, they convince the victim to install a mobile beta-testing app within a mobile beta-testing app environment. They also promise added incentives like large payments for installing and using the apps. The most common beta testing app is cryptocurrency exchange and these apps trick victims into entering account details to make payments in order to invest in cryptocurrency. However, these account details and the funds are transferred to cyber criminals instead.
Basically, these apps extort money from victims in the name of investment which is actually a fake investment.
To protect this from happening, the FBI has also laid down a couple of recommendations for users, here’s a list of things that you should keep in mind while installing beta mobile apps and to stay safe from such scams.
FBI warns about a new beta app scam
The Federal Bureau of Investigation has issued a warning against installing beta versions of apps as cybercriminals have started embedding malicious code in mobile beta-testing applications (apps) to defraud potential victims.
For those unaware, beta apps are basically pre-release version of apps that developers issue to users in order to test new features and receive feedback based on them in order to improve and refine the overall experience before the official rollout.
How malicious beta apps affect users
According to the warning issued by the FBI, these malicious apps pose a risk of enabling theft of personally identifiable information (PII), financial account access or device takeover. These beta mobile apps claim to be from authentic sources and pretend to be legitimate by using names, images or descriptions similar to the original apps.
How beta mobile app scam works
Phishing or romance scams are two main ways for cyber criminals to establish communications with the victim. Once the communication is established, they convince the victim to install a mobile beta-testing app within a mobile beta-testing app environment. They also promise added incentives like large payments for installing and using the apps. The most common beta testing app is cryptocurrency exchange and these apps trick victims into entering account details to make payments in order to invest in cryptocurrency. However, these account details and the funds are transferred to cyber criminals instead.
Basically, these apps extort money from victims in the name of investment which is actually a fake investment.
To protect this from happening, the FBI has also laid down a couple of recommendations for users, here’s a list of things that you should keep in mind while installing beta mobile apps and to stay safe from such scams.
- Before installing the beta application, make sure to check app developers and customer reviews.
- Avoid sending payments to someone you haven’t met or just spoken online even if things look fine from your end.
- Avoid providing personal information or financial information in emails or messages. Also, do not respond to emails or messages that include links.
- Do not download or use suspicious-looking apps as a tool for investing unless you can verify the legitimacy of the app.
- Maintain a vigilant attitude towards urgency or threats in messages, such as warnings of your account being closed or demands for immediate action.
- Exercise caution when receiving unexpected email attachments, even from familiar contacts. Cybercriminals can manipulate the sender’s information to make it appear trustworthy. Avoid interacting with such messages.
- If you encounter an email, attachment, or message that raises suspicions, refrain from opening it, even if your antivirus software claims it’s safe. Attackers frequently release new viruses that may go undetected by antivirus programs.
- Avoid clicking on links within emails or text messages. Many cybercriminals craft convincing messages to deceive users into divulging login credentials. Verify the legitimacy of a link by hovering your cursor over it and checking for any inconsistencies.
- Scrutinise email attachments and website links, even if they originate from contacts you recognise. Prior to opening attachments, save and scan them for potential threats.
- Ensure that your software is kept up to date to safeguard against vulnerabilities.
- Exercise strict control over app permissions and uninstall unused applications to minimize potential security risks.