Owing to the fake trading apps flourishing online, Paul Ducklin, Principal Security Researcher, Sophos has shared a few tips on how one can avoid falling prey to such apps.
Tips to beware of fake online trading apps, on iOS as well as Android -
- If it sounds too good to be true, it is too good to be true.
Even if you think of all your social media and dating site connections as friends, you have no idea what their motivation is for talking up any investment scheme they recommend. For all you know, they could already have fallen for a scam themselves and be unknowingly dragging you in after them, or their account could have been hacked.
- Find your own way to investment websites you want to investigate.
In these scams, the crooks are hoping you won’t check the links they send you too closely because they’re coming from a “friend” and so can trust the links implicitly. But even if a link does come from a true friend, they could have made a mistake, so do your own searches anyway.
- Never install iPhone apps that don’t come from the App Store
Unless you know for sure that they were built, tested and delivered by your own employer for a legitimate purpose that’s specific to your business. Be especially wary if the person trying to pitch the app to you comes up with a bunch of excuses such as “you’re an early adopter so you get the app before its release to the App Store”, or other tall stories that try to justify why they are unable to deliver the app in the regular way.
Paul Duckling says that trading app scammers prey on vulnerable people online and lure them into investing into these apps with schemes and investment opportunities that are really just a pack of lies. As if that isn’t bad enough on its own, one of the scams that SophosLabs investigated reminded us, yet again, that cybercriminals often aren’t very good at cybersecurity themselves. The criminals’ server had a wide-open directory that contained all the genuine customer data that they had collected under the guise of “know your customer” regulations, such as scans of passports, ID cards, driving licences and more.