Cybercriminals are creating a free duplicate of real applications laced with malware that steals personal information such as passwords and bank details.
These fake apps are mainly aimed at Android users due to the open nature of the Google ecosystem which makes it easier for users to download apps outside Google’s Play Store.
Third-party stores from which Android users can download apps do not properly verify the authenticity of these apps, thereby increasing the risks.
Popular apps being faked to spread spyware include streaming services, VPN providers and antivirus software.
According to the Mobile Security Report 2022 by cybersecurity company Pradeo, more than 700 websites operate as third-party download stores outside the official app marketplaces.
Users who want to protect themselves from malicious apps can do so by ensuring that they only download apps from the official app stores.
Users who may have downloaded malicious apps are advised to reset their devices and monitor their accounts for signs of suspicious activity.
They are advised to remain wary of offers that sound too good to be true, as such offers are a way to get people to download malicious apps.
For more information read the original story in ZDNet.