Hackers now using beta-testing apps to target victims, says FBI

The FBI issued a warning over a particular type of app that could be making the public vulnerable to cyber criminals aiming to defraud them.

Through a public service announcement published this week online, mobile device users were being cautioned on how to recognize if an app was being utilized as a tool to steal money or identities. Specifically, beta-testing apps were singled out for enabling “theft of personally identifiable information.”

“The FBI is aware of fraud schemes wherein unidentified cyber criminals contact victims on dating and networking apps and direct them to download mobile beta-testing apps, such as cryptocurrency exchanges, that enable theft,” said the statement that was shared on social media Tuesday.

“The victims enter legitimate account details into the app, sending money they believe will be invested in cryptocurrency, but instead the victim funds are sent to the cyber criminals,” the statement continued.

Additionally, the FBI said, “The malicious apps enable theft of personally identifiable information (PII), financial account access, or device takeover. The apps may appear legitimate by using names, images, or descriptions similar to popular apps.”

It was suggested that one way to direct users to the beta-testing apps was through “romance scams” that build a rapport only to ultimately cost the victim severely.

A number of red flags were provided on possible signs that an app could be malicious including, “Spelling or grammatical errors, vague or generic information,” “A high number of downloads with few or no reviews” and faster than normal battery drain.

Furthermore, the agency offered a series of recommendations on how to avoid getting spammed altogether.

“Do not send payment to someone you have only spoken to online, even if you believe you have established a relationship with the individual,” the FBI recommended, and, “Be aware of a sense of urgency or threats, such as ‘your account will be closed’ or ‘act now.'”

“Scrutinize attachments and website hyperlinks contained emails, even from people you think you know and save and scan any attachments before opening them,” was also listed in addition to “Restrict app permissions and uninstall apps you do not use.”

Efforts to crack down on cybercrime were coupled with efforts to prevent violation of federal law regarding cryptocurrency. As a result, the FBI recently announced in a filing reported by Cryptopolitan that between March and May of this year, roughly $1.7 million in digital assets had been recovered representing Ethereum, Bitcoin, Monero and others.

Anyone believing themselves to be a victim of cybercrime was encouraged to reach out to the FBI at their Internet Crime Complaint Center (IC3), if for nothing else but to prevent others from being victimized.

As the FBI has continued to suffer from its tarnished reputation, reactions to the PSA were ill-met by some who saw a gross negligence of duty for alleged crimes that have gone seemingly ignored while others drew attention to the vague warnings.

Kevin Haggerty

Comment

We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the ∨ icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.

Latest Articles