Loyal Crimson Tide and Fighting Irish fans aren’t the only ones looking forward to the BCS Championship Game on Monday night.
Fraudulent app developers are also anticipating the big game. We’ve been able to identify over 20 suspicious unlicensed apps for each of the national contenders. Industry research has shown that these knock-off apps illegally use brand names and trademarks to entice users to download apps and give permission to access users’ personal data, including contacts and text messages, GPS location, and other sensitive or confidential information. Any good referee would call unnecessary roughness on these permissions!
Illegal Procedure Call
Worse yet, many of these apps serve as Trojan horses (our apologies to USC fans) — serving up malware to the phone without the user ever knowing it.
Cyber security software maker ESET, in a just published report on malware and cybercrime, noted that that they see “the main trend for 2013 is an exponential growth of mobile malware”. They classified much of this activity as information theft (spyware), SMS message distribution to premium rate numbers, and botnet recruitment. Unfortunately, there is no instant replay once these get into your phone!
We found one app, named “Alabama Football HD Wallpapers” that has been downloaded thousands of times. This app requires you to allow it to READ and WRITE TO your bookmarks and web history, as well as give up your precise GPS location. The developer, in the app description, actually writes “We have found a new way to generate some money from this free app…” Do you wonder what they’re doing with your information? We definitely throw the penalty flag at this one.
Players and fans alike must have a well thought out game plan before downloading any app to their mobile device. Everyone should read the permissions thoroughly, and think two or three times before agreeing to give up your GPS location, or access to your contact information.
If in doubt – call time out for a reality check, and discuss the permissions with a coworker, or parent, or friend.
Regardless of the outcome of the BCS game, we will continue to keep score of suspected fraud and abuse in the app marketplaces. The app industry must find a way to control this abuse, and brand owners must become more proactive in protecting their valuable names.