Crypto criminals are going to great lengths to set traps for users. Some social engineering attacks, such as pig butchering, involve long-term mind games that include luring victims and earning their trust before delivering the final blow. One type of crypto scams seeing an uptick consists in pushing users to beta-test fake apps.
According to the warning issued by the Federal Bureau of Investigation (FBI), cybercriminals are embedding malicious code in software touted as a beta version of mobile applications, i.e., apps in a pre-launch stage that haven't yet undergone operating systems' review process. Fraudulent apps allow cyber-crooks to steal personal data, gain access to digital assets, or even hijack the device.
"The apps may appear legitimate by using names, images, or descriptions similar to popular apps. Cybercriminals often use phishing or romance scams to establish communications with the victim, then direct the victim to download a mobile beta-testing app housed within a mobile beta-testing app environment, promising incentives such as large financial payouts," the FBI warns in the release.
Crypto fraud schemes can be very elaborate. Earlier this month, a couple from Minnesota was left short of $9.2 million after a gullible husband fell for a bait involving a scammer posing as a sweetheart under the guise of a LinkedIn contact.
The FBI provides a handful of indicators to sensitize users to potential threats. Red flags include:
- battery depleting at an alarming speed,
- sluggish request processing and task execution,
- unauthorized apps installed without your knowledge,
- persistent pop-ups,
- apps asking for permissions unrelated to the declared functionality,
- app descriptions riddled with spelling and grammar errors, lacking in clarity and vital details.