Attention smartphone shoppers: Watch for cybercriminals using phony apps
or messages in an effort to hijack your device or steal your data.
Law
enforcement and security experts say that as more people use their
mobile devices in stores and on open Wi-Fi networks, the risks are
increasing as well.
The FBI-backed Internet Crime Complaint Center
is warning consumers to be on the lookout for fraudulent apps, messages
and Wi-Fi networks which can trick users of mobile devices to divulge
passwords, personal data or credit card numbers.
"Many times,
e-mails, texts or phone calls will look or sound like they are coming
from a well-known retailer, stating a need to 'verify' the full credit
card number you used for a purchase or ask you to click a link to update
personal account information," the center said.
The center said
Android devices are often targeted by spyware, including one system
called FinFisher, capable of taking a mobile device, or Loozfon, "an
information-stealing piece of malware."
Security firm McAfee's
Gary Davis said that as the popularity of apps surges, "so have the
chances that you could download a malicious application designed to
steal your information or even send out premium-rate text messages
without your knowledge."
Davis said some fraudsters are using Twitter ads offering special discounts for popular gifts, linking to malicious software.
"Criminals
are getting savvier with authentic-looking social ads and deals that
take consumers to legitimate looking websites," Davis said.
"In
order to take advantage of the deals or contests, they ask them for
personal information that can obtain a shopper's credit card number,
email address, phone number or home address."
Lookout, a security firm offering free apps for Android and iPhone, also urges prudence.
"Be
careful what you do on public Wi-Fi networks especially when you're
shopping. Do not expose passwords, account numbers or credit card
information unless you are certain that you are on a secure connection,"
a company statement said.
"Use discretion when downloading apps.
Even the most innocent-looking shopping app can contain software
designed to steal personal data, make fraudulent charges or even hijack
your phone. Only download apps from sites you trust."