HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 4 MINUTES AGO.
You are here: Home / Mobile Security / One-Click Fraud Invades Google Play
Powered by Verisign:
Cloud-based solution to improve Your DDoS Attack Readiness.
Click here to learn more.
One-Click Fraud Invades Google Play
One-Click Fraud Invades Google Play
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
APRIL
03
2013
You may never have heard of one-click fraud, but it's likely you'll hear much more about it this year. That's because one-click fraudsters are targeting big-time players like Google...or, you might say, players on Google.

According to Symantec, one-click fraud is a scam that lures users interested in adult-related video to a site that attempts to trick them into registering for a paid service. For many years, it has been common to see this type of fraud on computers.

"As smartphone usage has increased, so has the number of these types of scams on smartphone devices," Joji Hamada of Symantec wrote in a blog post. "People typically come across these scam sites by searching for things that they are interested in or by clicking on links contained in spam messages. We also witnessed the advent of one-click fraud Android apps just over a year ago and those apps can now be found on Google Play."

Big Money Scam

Symantec is reporting that the apps can be found on Google Play through keyword searches in the same manner as an Internet search. For example, entering Japanese words related to pornographic video results in one of these apps being at the top of the search results at the time of writing.

Hamada explained that the apps typically only require the user to accept the "Network communication" permission, although some variants do not require the user to accept any permissions. This, Hamada said, is because the app is simply used as a vehicle to lure users to the scam by opening fraudulent porn sites. The app itself has no other functionality. This may fool users into feeling safe about the app and catch them off-guard when launching the app.

"The first variant of this type of app that we have seen appeared in late January, although it is possible that apps were released earlier than this. From then on, the apps were published by different developers each time and the number of apps steadily grew though many were removed from Google Play at one point for unconfirmed reasons," Hamada said.

"We are now seeing multiple developers fiercely publishing apps in bulk on a daily basis. We have so far confirmed over 200 of these fraudulent apps published by over 50 developers, although it is likely that more exist. These apps have been downloaded at least 5,000 times in the last two months. As far as victims go, we are not aware of how many of these users actually paid money to the scammers; the "service" costs about 99,000 yen (approximately U.S. $1,000). It certainly must be worth the time and effort for the scammers as they have continued doing business for over two months." (continued...)

1  2  Next Page >

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN MOBILE SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.