Fraudulent mobile apps growing in numbers

(Image credit: Shutterstock)

Fraudulent mobile apps, whose only purpose is to steal valuable personal and payment information from unsuspecting victims, are seeing a significant rise in numbers, experts have warned.

A new report from payment fraud protection specialists Outseer claims that out of all fraudulent attacks that happened in Q2 2021 (of which there were more than 49,000), rogue mobile apps accounted for almost a third (30%).

That represents a spike of 66% in just 90 days, and an increase of 140% compared to the same period last year. The growth, Outseer claims, could be attributed to the fact that due to the pandemic, consumers started using mobile banking apps a bit more.

The process is relatively simple. Fraudsters would create an app that looks almost identical to a genuine mobile app belonging to a bank, and have it placed on a mobile app store (or distribute it via its website, email, or any other means). 

Once the unsuspecting victim downloads the app and tries to use it, they submit various sensitive data, such as payment details or personally identifiable information which, in fact, ends up at the hands of the crooks.

They can then choose to either use the data, or sell it on the black market.

Watching app stores

To tackle the issue, Outseer says, businesses should consider monitoring authorized and unauthorized app stores, or use third-party monitoring services to protect both their brand, and their customers.

At the same time, the use of mobile banking apps grows. Further in the report, it was said that 77% of digital banking transactions now originate from the mobile channel, which includes both apps and mobile browsers. The average size of a digital banking transaction conducted via a mobile channel in Q2 2021 was $550.

Still, with the average size of a banking transaction conducted via standard web channels being $5,700, consumers still feel more comfortable performing higher-value transactions from a desktop or laptop, the report suggests. It also claims some banks may have transaction limits based on the device used. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.