Scammers are setting up fake antivirus solutions for mobile devices that trick Android and Windows phone users into purchasing fake apps, according to a blog post on Thursday by Kaspersky Labs.
The apps have appeared in both the Google Play and Windows Phone Store, and while appearing as legitimate apps, don’t provide any mobile security benefit.
Security experts recently discovered a scam antivirus app on Google Play called Virus Shield. After that discovery, experts have discovered a series of similar fake apps. One app, called Kaspersky Mobile, tried to trick users into thinking that it was a legitimate mobile security service by Kaspersky Labs.
The tell-tale signs that the Kaspersky Mobile app was fake would not necessarily be obvious to an end-user. First, Kaspersky Labs doesn’t have a product called Kaspersky Mobile. Second, the fake app pretends to scan files, but the screenshot shows the app with a scan progress and heuristic analysis progress bar. According to Kaspersky Labs, antivirus solultions don’t display a separate progress bar for heuristic analysis.
Scammers also used familiar names and logos including Mozilla and Google to set up fake apps.
According to Kaspersky Labs, “this is a good example of how one successful scam spawns numerous clones. Instead of just one fake AV, the scammers offer dozens of fake apps, copying the design, but not the functionality of the original.”
“It is quite possible that more and more of these fake apps will start appearing. One thing is for sure – the mechanisms put in place by the official stores are clearly unable to combat scams like this.”
As users increasingly rely on mobile devices to purchase products and services, and with mobile malware on the rise, users need to be more proactive when it comes to mobile security. And that seems to be what these scammers are banking on – well-intentioned users looking for security solutions to improve their mobile security, but not knowing enough about it to ensure they are buying from a legitimate source.
This is where service providers could come in: as a trusted source that can offer guidance when it comes to security across networks and devices.