Researchers of the IB-Company Lookout discovered that more than 280 applications in Google Play and App Store shops are involved Users in credit schemes with misleading conditions, and then extort money and pursue victims.
251 Credit application for Android and 35 for iOS were loaded with a total of 15 million. times users mainly from India, Colombia, Mexico, Nigeria, Thailand, Philippines and Uganda. Lookout announced applications in Google and Apple, the companies have already deleted malicious applications.
These credit applications enjoyed great success in developing countries, where people have limited financial capabilities and where fraud reports will be less likely to be considered in the police.
When installing the application, users requested dubious permits for access to confidential information – contacts, SMS contents, media files, etc.
After receiving all permits, the application begins to load confidential data from the device to the servers of the attacker. In addition, if the user does not approve of permission, the application will not allow him to send requests for a loan.
At the first launch, the user proposes to fill out the form KYC (Know Your Customer), providing photos of the identity card and other documents.
KYC system in fraudulent applications
Then the application offers misleading or simply false loan conditions to lure the victim. When the user receives part of his loan, the conditions of interest rate change or hidden commissions appear, sometimes reaching 30% of the total loan. In some cases, applications reduced the loan period from the promised 180 days to 8 days, charged huge interest and fines for delay.
Since most people cannot or do not want to repay loans, application operators begin to pursue them using stolen personal data, contacting people from the list of contacts and revealing the debt to the victim’s family and friends. Some users also reported that fraudsters sent edited images with the victim’s contacts.
Apple and Google allow the placement of microloan applications, but have strict rules governing their work. The minimum repayment period should be 60 days, and the maximum annual interest rate is 36%. The conditions indicated in fraudulent applications corresponded to this policy, but in practice they changed, so the stores deleted the applications for violation of the rules.