The FBI is warning the public that cyber criminals are embedding malicious code in mobile beta-testing applications (apps) to defraud potential victims. Beta-testing apps are online services for testing of mobile apps prior to official release. The beta apps typically are not subject to mobile operating systems’ review processes.
The malicious apps enable theft of personally identifiable information (PII), financial account access, or device takeover. The apps may appear legitimate by using names, images, or descriptions similar to popular apps. Cyber criminals often use phishing or romance scams to establish communications with the victim, then direct the victim to download a mobile beta-testing app housed within a mobile beta-testing app environment, promising incentives such as large financial payouts.
The FBI is aware of fraud schemes wherein unidentified cyber criminals contact victims on dating and networking apps and direct them to download mobile beta-testing apps, such as cryptocurrency exchanges, that enable theft. The victims enter legitimate account details into the app, sending money they believe will be invested in cryptocurrency, but instead the victim funds are sent to the cyber criminals.
If a victim downloads one of these fraudulent beta-testing apps masquerading as a legitimate cryptocurrency investment app, the app can extract money from the victim through fake investments.
Red flags of a malicious app include:
- Mobile battery draining faster than usual
- Mobile device slowing down while processing a request
- Unauthorized apps installed without the user’s knowledge
- Persistent pop-up ads
- A high number of downloads with few or no reviews
- Apps that request access to permissions that have nothing to do with the advertised functionality
- Spelling or grammatical errors, vague or generic information, of a lack of details about the app’s functionality within the app description
- Pop-ups that looks like ads, system warnings, or reminders
- Check app developers and customer reviews before downloading.
- Do not send payment to someone you have only spoken to online, even if you believe you have established a relationship with the individual.
- Do not provide personal or financial information in email or message and do not respond to email or message solicitations, including links.
- Do not download or use suspicious looking apps as a tool for investing unless you can verify the legitimacy of the app.
- Be aware of a sense of urgency or threats, such as ‘your account will be closed’ or ‘act now’
- Be wary of unsolicited attachments, even from people you know. Cyber criminals can “spoof” the return address, making it look like the message came from a trusted associate. Do not respond.
- If an email, email attachment, or message seems suspicious, do not open it, even if your antivirus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the antivirus software might not have the signature.
- Don’t click links in emails or text messages. Many cyber criminals use legitimate-looking messages to trick users into providing login details. Check the URL by hovering over the link and check for inconsistencies.
- Scrutinize attachments and website hyperlinks contained in emails, even from people you think you know and save and scan any attachments before opening them.
- Keep software up to date.
- Restrict app permissions and uninstall apps you do not use.
The FBI requests victims report fraudulent, suspicious or criminal activity to the FBI Internet Crime Complaint Center at www.ic3.gov.