We’re less than one week away from the biggest shopping weekend of the entire year—and you’ve probably noticed how many early Black Friday deals are already on offer. But for the many consumers who shop on their cell phones (last year, mobile devices accounted for more than 30% of online Black Friday sales and nearly 50% of Cyber Monday sales), caution is recommended.
Last week, Apple announced it was shutting down a number of fake shopping apps, including ones posing under the guise of vaunted luxury brands like Moncler, Celine, and Salvatore Ferragamo. Many of these illicit apps are relatively harmless, trying to entice users to click on those “too good to be true” viral links. But others ask to store credit card information, which can be used to make illegitimate purchases or can be sold on the black market by hackers moving stolen records.
The problem? Two in three retailers don’t have an iOS or Android app, according to industry estimates. That provides an easy opening for scammers to create fraudulent apps using legitimate information and recognizable names, all in hopes of luring unsuspecting shoppers to fall for the fake app.
Even scarier, many times an app that is flagged and removed by Apple’s rigorous app review process will reappear the very next day, launching and then shutting down with frightening speed. Security experts have defined the effort to prevent such apps from being downloaded as akin to a game of Whac-A-Mole, with a severe spike in November. And although a mobile device isn’t as susceptible to virus infection as a laptop or desktop computer, data loss and security intrusion are still major concerns, especially for businesses whose employees rely on their phones to answer emails, fill sales orders, access documents stored in the cloud, and conduct business while traveling.
What can you do to avoid such scams as the holiday shopping season ramps up?
1) Vet any shopping apps by visiting a retailer’s website. If you see an app for a brand you like in the Apple or Android app stores, don’t just download it blind—visit that retailer’s website to verify the app and then follow their link to its correct source.
2) Read those reviews! If the app you’re looking at seems fishy, chances are that will be reflected in the app’s reviews by those who’ve downloaded it before. And if there aren’t any reviews, beware—a good rule of thumb is “Don’t be the first to try a new app out,” just like you should rely on the advice of IT experts and not be the first to download a new operating system or software update.
3) Look out for misspellings and other typos. This applies equally to the world of apps as it does to the world of phishing emails and other social engineering scams. If an appeal to download an app is riddled with odd language or misspelled words, it’s probably a fake. Professional developers and major retailers employ stringent quality control before they release an app. You can also look at the screenshots that are required to be included in an app store description—if they look grainy or low resolution, avoid downloading that app.
4) Avoid giving out too much information. This should be a no-brainer in our data breach-dominated day and age, but if an app requests a lot of info from the get-go (credit card numbers, access to photos, or contacts), it’s probably a fraud. Accidentally granting permission like that is often just the mistake hackers are waiting for you to make.
5) Don’t click on any pop-up ads. This applies equally to websites and to apps, but any time you get a lot of irritating pop-up ads, use caution. Clicking on one of those can lead a user to an external illicit site that installs malware or other viruses on your device.
This holiday season, vigilance is required to stay safe on the digital front. If you plan on doing any shopping online or via a smartphone app, make sure the portal you’re using is legitimate and safe by following the tips outlined above. Looking for more ways to enhance security and keep your data safe? Contact CMIT Solutions today. We worry about IT so you don’t have to.