The Rise of Fake Cryptocurrency Apps and How to Avoid Them – Cointelegraph | Omd Cialis

Ever since the advent of technology, scammers have been using the decentralized and immutable nature of blockchain to scam crypto investors.

And according to the latest FBI scam report, scammers are using fake crypto apps to steal funds from unsuspecting crypto investors. It shows that American investors lost about $42.7 million to scammers through fake apps.

The programs are reportedly using the heightened interest in cryptocurrencies, especially during bull market runs, to entice crypto users.

How Fake Crypto App Scammers Lure Users

Fake crypto app scammers use myriad techniques to lure investors. The following is a breakdown of some of them.

Social Engineering Schemes

Some fake crypto app scam networks use social engineering strategies to lure victims.

In many cases, scammers befriend victims through social platforms like dating sites and then trick them into downloading apps that appear to be working cryptocurrency trading apps.

The scammers then convince users to transfer funds to the app. However, the funds are “locked in” once the transfer is made and victims are never allowed to withdraw any funds.

In some cases, scammers lure victims with outlandish claims of high returns. The ruse ends when the victims find they cannot redeem their money.

Speaking to Cointelegraph earlier this week, Rick Holland, chief information security officer at Digital Shadows — a digital risk protection firm — emphasized that social engineering remains a top strategy among crooks because it requires minimal effort.

“It’s far more practical and lucrative to rely on the best practice of social engineering,” he said.

The cybersecurity manager added that social engineering makes it easy for scammers to target wealthy individuals.

Recognizable brand names

Some fake crypto app scammers have resorted to recognizable brand names to distribute fake apps due to the trust and authority they exercise.

In a case highlighted in the latest FBI crypto-crime report, cyber criminals posing as YiBit employees recently deceived investors out of about $5.5 million after convincing them to trade a fake YiBit crypto download app.

Unbeknownst to the investors, the actual YiBit crypto exchange company went out of business in 2018. Money transfers to the fake app were stolen.

In another case detailed in the FBI report, phishers using the brand name Supay, which is associated with an Australian crypto company, scammed 28 investors out of millions of dollars. The ploy, which ran between November 1 and November 26, caused $3.7 million in losses.

Such schemes have been around for years, but many incidents go unreported due to a lack of proper recourse channels, particularly in jurisdictions that avoid cryptocurrencies.

Current: How NFTs can increase fan engagement in the sports industry

Besides the US, investigations in other major jurisdictions such as India have uncovered sophisticated fake crypto app schemes in the recent past.

A newly discovered fake crypto app scheme with numerous cloned apps and domains caused Indian investors to lose at least $128 million, according to a report published in June by cybersecurity firm CloudSEK.

Distribution of fake apps via official app stores

Fake crypto app scammers sometimes use official app stores to distribute shady applications.

Some of the apps are designed to collect user credentials which are then used to unlock crypto accounts on corresponding official platforms. Others claim to offer secure wallet solutions that can be used to store a variety of cryptocurrencies, but steal funds once a deposit is made.

While platforms like the Google Play Store constantly check apps for integrity issues, it’s still possible for some fake apps to slip through the cracks.

One of the latest methods used by scammers to achieve this is by registering as an app developer on popular mobile app stores like Apple App Store and Google Play Store and then uploading legitimate looking apps.

In 2021, a fake Trezor app created by SatoshiLabs masquerading as a wallet used this strategy to get released on both the Apple App Store and Google Play Store. The app claimed to give users direct online access to their Trezor hardware wallets without having to plug their Trezor dongle into a computer.

Victims who downloaded the fake Trezor app were required to submit their wallet seed phrase in order to start using the service. A seed phrase is a string of characters that can be used to access a cryptocurrency wallet on the blockchain.

The submitted details allowed the thieves behind the fake app to loot user funds.

According to a statement from Apple, the fake Trezor app was released to its store through a deceptive bait-and-switch maneuver. The app developers are said to have originally submitted the app as a cryptographic application to encrypt files, but later converted it into a cryptocurrency wallet app. Apple said it wasn’t aware of the change until users reported it.

Speaking to Cointelegraph earlier this week, Chris Kline, co-founder of Bitcoin IRA — a crypto retirement investment service — said that despite such incidents, major tech companies in the industry have taken a firm stance against fake crypto apps because they could potentially damage their integrity. He said:

“Technology companies are always looking for better education and security for their users. The most reputable players today are putting security at the forefront of their roadmaps. Users need reassurance that their digital assets are secure, and vendors keep security in mind.”

However, the issue of fake apps is more common in unofficial app stores.

How to spot a fake crypto app

Fake cryptocurrency apps are designed to be as similar to legitimate apps as possible. As a crypto investor, one should be able to differentiate between legitimate and fake apps to avoid unnecessary losses.

Below is a breakdown of some things to look out for when attempting to determine the authenticity of a mobile crypto application.

Spelling, symbols and description

The first step in determining if an app is legitimate is to check the spelling and icon. Fake apps usually have a name and icon that looks similar to the legitimate one, but usually something is wrong.

For example, if the app or developer names are misspelled, it is most likely fake software. A quick web search for the app will help confirm its legitimacy.

It’s also important to consider whether the app has a Google Editor’s Choice badge. The badge is an award from the Google Play editors to recognize developers and apps with outstanding quality. Apps with this badge are unlikely to be fake.

Application Permissions

Fake apps usually request more permissions than necessary. This ensures that they retrieve as much data as possible from victims’ devices.

Therefore, users should be wary of apps that require off-center permissions, such as B. Device administrator rights. Such authorizations could give cyber criminals unrestricted access to a device and allow them to intercept sensitive data that can be used to unlock financial accounts, including crypto wallets.

Intrusive app permissions can be blocked via a phone system’s privacy settings.

The number of downloads

The number of downloads of an app is usually an indicator of how popular it is. Apps from reputable developers typically have millions of downloads and thousands of positive reviews.

Conversely, apps with only a few thousand downloads require closer scrutiny.

Confirm authenticity by contacting support

If you are unsure about an application, contacting support through the company’s official website can help you avoid financial loss due to scams.

In addition, authentic apps can be downloaded from a company’s official website.

Related: Crypto contagion scares investors off in the short-term, but fundamentals remain strong

Cryptocurrencies are underpinned by relatively new technologies, so it’s only natural that there are teething problems with usage and acceptance. Unfortunately, in recent years, black hats have been targeting naïve crypto enthusiasts with fake crypto apps.

While the problem is likely to persist for several more years, increased scrutiny by tech companies should mitigate the problem in the long run.