Blog

Shopper Safety – Beware of Fake Apps and Wifi Hotspots

shopper

Now that holiday shopping is upon us, security researchers are handing out advice on how to protect yourself and your information from cyber hacking. More and more shoppers use their smartphones while they are shopping, to compare prices and deals at other stores or online. Reports by RiskIQ, an enterprise security firm, estimates that 30 percent of Cyber Monday and Black Friday shopping will be done on a mobile device.

Cyber criminals are well aware that shoppers are relying heavily on their smartphones this holiday season. Noticing that many consumers often connect to free wifi hotspots while shopping, hackers have taken to setting up fake wifi zones to entice people into connecting. Consumers may see a wifi network available named “Macysfreewifi” and connect without even second guessing – often times the store isn’t even in the mall! If you see a wifi network labeled with a store name that is nowhere nearby, do not connect. The same goes for wifi networks set up with the word “free”, often these are bogus as well.Ā Hackers will also monitor communications over legitimate networks that are poorly secured and not properly configured, but this is a more difficult process than gettingĀ an unsuspecting shopper to connect to a malicious network.

Hackers are also known to repackage legitimate applications so that the fake application they create looks almost identical to the real thing, in the hopes you will choose theirs instead. Sometimes hackers will create a completely fake application from scratch, such as “Amazon Rewards” that does not exist in the official app stores. Many times these fake apps will promise rewards or points for downloading. The fake Amazon Rewards app was found to be a trojan, spread by using fake Amazon vouchers and a link to a fake website sent via SMS text messages. The fake app even accesses the user’s contacts to send the vouchers to more mobile phones without permission.

This is not the first fake application, and it most certainly will not be the last. RiskIQ found 1 million applications that have been blacklisted for using brand names in the title or description of the application to trick consumers. The only real way to avoid such applications is to go directly to official application stores such as Google Play and Apple App Store to download applications.

Things To Remember:

  • Download applications only from official app stores

  • Beware of apps that ask for permissions to contacts, text messages, stored password or credit card information

  • Question applications that have rave reviews, they are easy to forge

  • If you do not understand the warning on your device, do not click continue

  • Update your device to the most current operating system

  • Disconnect from the network if your phone begins to act up or crash

 


If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.computerworld.comĀ