An increasing number of companies are providing their customers with the ability to use mobile applications (Apps) to access their online accounts. Mobile Apps are available from trusted stores (such as Apple’s iTunes, or Android’s Google Play), some not so trusted marketplaces, and also from websites on the internet.

Criminals are turning to the mobile space and producing mobile malware and fake or rogue mobile Apps. This can result in hijacked sessions, taking control of the mobile device, or man in the middle attacks.

A rogue mobile App for online accounts could simply allow the hacker to sit in the middle of the session, with the ability to divert funds for the user’s online account. Any online account App available from an unauthorised source should be considered malicious and treated as such.

Protect your customers from fake Mobile Apps

Avoid unauthorised Mobile Apps from impersonating your trustworthy brand for the purpose of fraudulent activity. With the enormous uptake of mobile apps, a new channel for online fraud has emerged. Unauthorised Mobile Apps, impersonating a brand, entice users to download and install them on their mobile devices.

Mobile Apps can be used maliciously and some contain malware. These can be used to:

• Send login credentials to a criminal
• Allow for browser sessions to be hijacked
• Take control of the mobile device
• Facilitate “Man in the middle” attacks

The cost of fake Mobile Apps

An unauthorised Mobile App taking advantage of a well-known brand can:

• Create a negative experience for the end user
• Impact on the brand’s reputation
• Incur financial losses through credential theft

How FraudWatch International deals with fake Mobile Apps

FraudWatch International provides a comprehensive monitoring solution to monitor for rogue and unauthorised Mobile Apps using the client’s brand. We monitor the official mobile app stores, in addition to other locations, directories and mobile app download sites on the internet.