Friday, November 15, 2024

Android, Don’t Download Those Apps – 151 Trigger Some Amazing Scams

Date:

A photo editor, a camera filter, games and other applications promoted through the Instagram and TikTok channels, for a total of 151. All fake, or worse, all fraud. Everything in the Android Play Store.

Google, 151 problems in Play Store (Adobe Stock)

Last week it was reported, in one fell swoop, 80 apps belonging to a premium SMS scam campaign, which subscribes victims to expensive services, to extort unsuspecting users, withdraw money from their credit cards, Poste Pay, etc.

All applications are part of the UltimaSMS Campaign, which consists of 151 applications available for download on the Google Play Store, already downloaded by 10.5 million users, almost identical in structure and functionality.

Fake app, the process to extort money from unlucky users

Google removes 151 apps from the Play Store.  The question remains, problem solved?
Google removes 151 apps from the Play Store. The question remains, problem solved?

They are basically copies of the same fake app used to spread the premium SMS scam campaign. “This leads me to believe that there is a bad actor or band behind the whole campaign.” So writes blog.avast.com, which reports 80 of the 151 applications in question. “I called the campaign ‘UltimaSMS’ because one of the first apps I discovered was called Ultima Keyboard 3D Pro. The fake apps I found have a wide range of categories like custom keyboards, QR code scanners, video and photo editors, spam call blockers, camera and game filters, among others ”.

UltimaSMS appears to be a global campaign, since according to the knowledge of Sensor Tower, a marketing intelligence and mobile application knowledge company, users in more than 80 countries have downloaded applications capable of extorting money from Internet users, especially in Middle East: Egypt, Saudi Arabia, Pakistan, but also the United States and Poland.

Avast tracked the first UltimaSMS samples in May 2021 and new campaign samples were released earlier this month, which means the scam is still ongoing. A classic process.

When a user installs one of the applications, the application in question checks your location, IMEI (International Mobile Equipment Identity) and phone number to determine which country code and language to use for the scam. Once the user opens the application, a screen, located in the language in which the device is configured, asks to enter their phone number and, in some cases, the email address to access the advertised purpose of the device.

“The discovered applications are essentially identical in structure – avast researchers comment – the profiles present captivating photos and attractive application descriptions, with very high reviews.” However, on closer inspection, privacy statements and top developer profiles are too general. “They also tend to have numerous negative reviews from users who have correctly identified the applications as scams – avast concludes – they have fallen for the scam.” Google removed 151, but who knows how many there might be. So keep your eyes open and your hands up: before pressing ok, read the information carefully.

Ebenezer Robbins
Ebenezer Robbins
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.

Share post:

Popular

More like this
Related

Practice Acrylic Nail Techniques Without Needing a Fake Hand

When you're starting your journey with acrylic nails, practice...

Inside the World of Common Snapping Turtles: Behavior and Habitat

The common snapping turtle (Chelydra serpentina) is one of...

How to Use Video Marketing to Promote B2C Products?

Video marketing has emerged as a powerful tool for...

Adapting to Change: The Future for Leopard Tortoise Environments

Leopard tortoises, known for their striking spotted shells and...