Delete these 7 Android apps before it costs you big bucks; spot fake LinkedIn alerts


Delete these 7 Android apps before it costs you big bucks; spot fake LinkedIn alerts

We’ve written before about the Joker malware that steals personal data from your Android phone. As a “Trojan,” Joker can infiltrate your phone and sign you up for expensive subscription services that you might not notice on your credit card bill until you’ve already made a few monthly payments. Tatyana Shishkova, a malware analyst at security firm Kaspersky has found some infected apps in the Google Play Store.

Delete these seven apps right away if you have any of them on your phone

According to a tweet from Shishkova, (via The Express), these seven apps carry the Joker malware which means that they are dangerous to your financial well-being. While the apps have been removed from the Google Play Store, that doesn’t mean that they aren’t still on your phone eager to sign you up to scam subscription services that you really don’t want to pay for. So check your Android phone for the following:
  • Now QRcode Scan – Over 10,000 installs
  • EmojiOne Keyboard – Over 50,000 installs
  • Battery Charging Animations Battery Wallpaper – Over 1,000 installs
  • Dazzling Keyboard – Over 10 installs
  • Volume Booster Louder Sound Equalizer – Over 100 installs
  • Super Hero-Effect – Over 5,000 installs
  • Classic Emoji Keyboard – Over 5,000 installs

Luckily, these malware-laden apps have been pretty much contained with the most popular of the seven having been installed over 50,000 times. To put the odds of becoming a malware victim more in your favor, always check the comments section before you install an app. If there are any red flags waving, this is where you are going to find them.

Another suggestion is to limit the apps you install from known developers. Yes, this means that you should avoid installing apps from unknown developers and give a wide berth to apps with a small number of reviews.

Now let’s turn our attention to business networking app LinkedIn. Because the app tries to connect companies with people, receiving notifications from LinkedIn is nothing out of the ordinary. But Kaspersky says that a message from LinkedIn that appears to come from a legitimate company could be a fake email that looks to be genuine, an example of phishing.

Finding red flags to spot a fake LinkedIn notification

In its report, Kaspersky shows an example of a message sent via LinkedIn from an apparent Arab businessman. The message, which supposedly includes a photo of the sender, asks the recipient if he’d like to do business with him. But there are so many red flags with this missive that it could teach you what to look for when receiving an unsolicited notification on LinkedIn.

Spelling mistakes are abundant. On the very top you’ll see that LinkedIn is spelled incorrectly, with an extra “I.” Also spelled incorrectly is the word “businessman.” There is no link to LinkedIn in the email address, and the message is too short to be a serious offer (While spelling mistakes are a red flag, this writer once received a notification from Verizon that was so full of spelling and grammatical errors we thought it just had to be a fake. It tuned out to be real).

Clicking on the link posted in the notification brought up what looked like a real LinkedIn login page. But the URL (optikzade.com.tr) did not mention LinkedIn and instead of the .com domain, the address indicated that the fake sign-in page came from Turkey.

Another phishing attempt involving LinkedIn might have been harder to catch-at first. The notification still contained some red flags as it requested a “Qoute.” But who among us has never switched two letters around by mistake, especially when typing fast in a language that is not native to you.

But the subject line for this notification reads, “Juli Jiang sent you message” missing an article before the word “message.” That might not seem like a big deal until you realize that LinkedIn creates the subject lines automatically and wouldn’t miss putting an article in.” And tapping on the link brings you to a fake login page that shows an error that covers up part of the LinkedIn logo at the top, and incorrectly has the name of the app written as Linkedin.

Yes, these are all red flags. Learn to spot them and you won’t find yourself the victim of a phishing scheme.





Source link