Search This Blog

Showing posts with label sensitive credential. Show all posts

Fake Oximeter Apps For Smart Devices, Here’s How To Check If It’s Safe Or Not

 

In recent days the demand for oximeters has gone up owing to the deadly second wave of Covid-19 in India. Earlier today, cybersecurity intelligence has reported that many fake oximeter apps are available on the Play Store. 

The researchers’ group from Quick Heal Security Labs has discovered that the threat actors were exploiting the official apps with a trojan to get access to users’ banking credentials.

“Threat actors use reliable tools to deploy payload and third-party app stores for distribution of these fake apps,” the researchers said in a statement. 

These days Oximeter device has become very crucial to fight the Coronavirus as this device helps in monitoring blood oxygen levels in the human body. Meanwhile, various Oximeter apps are available on Android mobile devices that can help you in measuring your blood oxygen levels without any charge. 

However, these fake apps can cost you more than you can expect. According to the Quick Heal report, fake oximeter apps can exploit your online financial data for PhonePe, Google Pay, Paytm, etc. The Indian government has also warned against these apps. 

According to the findings, threat actors target those app stores where they can find both free and paid apps. They use several different tools such as GitHub or firebase to employ fake apps and various types of app markets like QooApp, Huawei, etc. 

How you can protect your financial data from fake oximeter apps? 

Here are some things to remember before downloading an oximeter app on your device: 

•  Don’t open links shared through messages or on social media platforms. 

• Check for grammar errors in the app descriptions as attackers usually use the wrong English.

•  Reviews and ratings can also be fake, focus more on reviews with low ratings. 

"Avoid approaching to third-party app stores for downloading apps or through links shared via SMSs, emails, and WhatsApp. These avenues don`t invest in security and hence make space for any type of app, including the infected ones,” researchers further added.