Pokémon Go, the latest new app seems to be taking over smartphones everywhere. This game has literally become an overnight sensation and cyber criminals are looking to cash in on this huge opportunity in a variety of ways.
Pokémon Go is not an average smartphone game. It uses an augmented reality, which is a blend of real life and technology and there are many layers to this game, using real-time GPS locations, geocaching technology and the world around you.
The game has literally become an overnight sensation and cyber criminals are looking to cash in on this huge opportunity in a variety of ways.
Since, the App isn’t available in all countries yet, just days after the official Pokémon Go App hit the market, researchers from Proofpoint discovered a Trojanized version of the app. According to Proofpoint’s blog(link is external) “Although we have not observed this malicious APK in the wild, it was uploaded to a malicious file repository service […] less than 72 hours after the game was officially released in New Zealand and Australia” So first thing’s first- when downloading the app, be sure to only download apps from trusted sources such as the Google Play Store and the Apple App Store.
Additionally, Norton has you covered when it comes to malicious Android apps. App Advisor(link is external) automatically scans for malicious apps in the Google Play Store before they’re downloaded to your phone.
The most recent and most dangerous malicious app was a discovery made by a group of security researchers on July 15th. The first fake lock screen app, dubbed “Pokémon GO Ultimate,” was found on the Google Play Store. Luckily, the researchers contacted Google quickly, and it has been removed from the app store. You can read more about this threat here.
1. Be aware of trojans versions
Just days after the official Pokémon Go App hit the market, researchers from Proofpoint discovered a Trojanised version of the app. When downloading the app, be sure to only download apps from trusted sources such as the Google Play Store and the Apple App Store.
2. Keep on guard for online scams
With all popular games, users are sure to scour the Internet for cheats and hacks online. Scammers are already on top of this, as fake websites have started popping up offering Pokécoins and other powerups from the game in exchange for filling out surveys or visiting questionable websites. Surveys may seem harmless, however, they can collect a lot of personally identifiable information about you, which could be used in identity theft.
3. Review app permissions
It’s always important to evaluate what an app wants to access when it is installed. Currently, some iOS users and some Android users do not get asked permission to access anything. If signing in via Google, you are potentially allowing the game full access to your Google account. This means that the app has access to your contacts, e-mail, Google Drive documents, and more.
For further information on how to stay cyber safe and still ‘catch ‘em all’, please refer to Symantec’s official blog post here.
Have something to add to this story? Please share it in the comments.