"Cyber criminals are using fake virtual private network ( VPN) apps that impersonate legitimate services in order to spy on users and steal their money, Google has warned. The issue impacts the roughly 3.9 billion Android users around the world, with smartphone users tricked into installing malicious apps that threaten their digital security. One such criminal enterprise involved a fraudulent security firm publishing VPN apps on official app stores in order to spread malware and online scams."
""These actors tend to impersonate trusted enterprise and consumer VPN brands or use social engineering lures, such as through sexually-suggestive advertising or by exploiting geopolitical events, to target vulnerable users who seek secure internet access," said Laurie Richardson, vice president of trust and safety at Google. "Once installed, these applications serve as a vehicle to deliver dangerous malware payloads including info-stealers, remote access trojans and banking trojans that exfiltrate sensitive data such as browsing history, private messages, financial credentials and cryptocurrency wallet information.""
"Ms Richardson advised Android users to protect themselves by only downloading VPN apps from official sources, and to check for apps with the VPN badge in the Google Play app store. "Users should look carefully at the app's requested permissions - a VPN should not need access to things like your contacts or private messages," she said. "Always pay attention to browser download warnings and keep your antivirus software enabled.""
Fake VPN apps impersonate legitimate services to spy on users and steal money, targeting Android devices. About 3.9 billion Android users risk installing malicious apps that appear on official app stores. Actors impersonate trusted VPN brands or use social-engineering lures, including sexually suggestive advertising and exploitation of geopolitical events, to attract vulnerable users. Installed apps can deliver info-stealers, remote access trojans and banking trojans that exfiltrate browsing history, private messages, financial credentials and cryptocurrency wallet information. Users should download VPNs only from official sources, check the VPN badge, scrutinize permissions, heed browser download warnings and keep antivirus enabled. Other scam trends include online job scams, review extortion, AI impersonations, fraud recovery scams and seasonal holiday campaigns.
Read at The Independent
Unable to calculate read time
Collection
[
|
...
]