Here’s how cybercriminals are using nearly 300 loan apps to steal your data


A trove of nearly 300 loan apps has been found on Google Play Store and Apple App Store that are used by cyber criminals to exfiltrate excessive user data and harass borrowers for repayment. The apps, which were spotted by cybersecurity company Lookout Threat Lab, were found in Southeast Asian and African countries, including India, Colombia and Mexico.
How scam loan apps target users
These apps claim to offer quick, fully-digital loan approvals with reasonable loan terms. However, in reality, they exploit victims’ desire for quick cash. They trick users into agreeing to predatory loan contracts and ask them to grant access to sensitive information such as contacts and SMS messages.
When users download a predatory loan app, they are prompted to fill out an application form seeking the applicant’s name, address, employment history, education, and banking information. Most of these apps also ask for ID verification with a video selfie. This ensures users that they are dealing with a legitimate institution.
Once the victim’s information is collected and the loan is distributed, the app operator then begins cycles of harassment. When the victim doesn’t respond to emails, SMS or calls, the operators would then call contacts that they exfiltrated during the loan disbursement process.
Additionally, some of these apps have also been reported to display scam-like actions such as hidden fees on loans, high-interest rates and unfavourable repayment terms that are not in line with what is posted on the app stores.

Loan scam apps have millions of download
Lookout says that they found 251 apps on the Google Play store with over 15 million collective downloads. The cybersecurity service provider also identified 35 apps on the Apple App Store that were in the top 100 finance apps in their regional stores.
Lookout says that none of those apps was available for download when they published the blog. To ensure the claim, we checked the availability of some of these apps on the respective app stores and couldn’t find them.
Developing countries a hotspot for online scams
Lookout notes that it has seen a high concentration of such loan apps in developing countries, such as India, Colombia, Indonesia, Kenya, Mexico, Nigeria, the Philippines, Thailand and Uganda. “While we don’t have evidence of where the scam operators reside, it’s clear that these regions were identified to be lucrative,” Lookout said in a blog post.
Furthermore, Lookout says these apps are mostly found in developing countries because of the ease of “access to mobile apps compared to traditional financial services, especially for those that have a lower income.”
Additionally, in developing countries, Android is much more popular and has more than 70% of the market. This is due to the availability of Android phones at multiple price ranges. This may also explain why these loan scam apps are found more on Android than on iOS.





Source link

Denial of responsibility! planetcirculate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.