Powered by momentummedia
nestegg logo
Powered by momentummedia
Powered by momentummedia
nestegg logo
nestegg logo

 

 

Save

TikTok sees scammers target new victims

  • September 29 2020
  • Share

Save

TikTok sees scammers target new victims

By Grace Ormsby
September 29 2020

Australians could be throwing away their hard-earned money with the purchase and download of a number of intrusive apps currently being advertised on social media giant TikTok.

TikTok sees scammers target new victims

TikTok sees scammers target new victims

author image
  • September 29 2020
  • Share

Australians could be throwing away their hard-earned money with the purchase and download of a number of intrusive apps currently being advertised on social media giant TikTok.

TikTok sees scammers target new victims

Digital security company Avast has given the warning, after it said it had discovered seven adware scam apps available in Australia on the Google Play Store and the Apple App Store.

According to the organisation, many of these apps are being advertised on social media video platform TikTok, with unsuspecting users paying money for these “useless” apps.

It discovered at least three profiles dedicated to pushing the apps, one of which has more than 300,000 followers.

The iOS and Android apps appear to be developed by the same person or group. The links promoted on the social media profiles lead to the iOS or Android versions of the apps, depending on the device the link is being accessed from.

Advertisement
Advertisement

Avast said many of the apps are posing as entertainment – games to “shock your friends”, wallpaper apps or music downloaders – at a cost.

It labelled some of those apps as “HiddenAds trojans”, a type of trojan that disguises itself as a safe and useful application but instead serves intrusive ads outside of the app and hides the original app icon, making it difficult for users to identify where the ads are being served from, Avast said.

“The apps we discovered are scams and violate both Google’s and Apple’s app policies by either making misleading claims around app functionalities, or serving ads outside of the app and hiding the original app icon soon after the app is installed,” explained Jakub Vávra, a threat analyst.

He said it’s of particular concern that the apps are being promoted on social media platforms which are popular among younger kids, “who may not recognise some of the red flags surrounding the apps and therefore may fall for them”.

According to Avast Threat Lab, there were over 6,600 Australian users attacked by adware this year, with peaks in February, May and June.

Globally, the apps have been downloaded more than 2.4 million times, earning the scammers upwards of $500,000.

The ease with which these scams operate has led Avast to give some insight into how Australians can better protect themselves from these types of scams:

  1. Carefully read reviews

Adware and scam apps can be difficult to recognise, as they are often disguised as entertainment apps like gaming apps.

But Avast said some signs that an app could be a scam include low app ratings and negative reviews that point out excessive ads or low functionality of the alleged app features.

Mr Vávra also said reviews that are too positive can also be a sign something is amiss: “In addition to the seven apps, we also noticed the app developers have more apps, with very low downloads and reviews, but the handful of reviews they have are extremely positive and enthusiastic, which can also be a sign that something is suspicious”.

  1. Question prices

Avast says users should consider what they are paying for.

If the price tag for an app makes sense, considering what the app is offering, then it is less likely to be a scam.

Mr Vávra said many scam apps “offer basic or unrealistic features, like simple games that claim to shock players, or wallpapers for around $8”.

It’s a lot of money, considering games and features like this are often offered for free by other developers.

  1. Check permissions

Before downloading apps, users should check the permissions the app is requesting and consider if they make sense for the app to function properly.  

Mr Vávra said that Android app “ThemeZone - Shawky App” requests access to a device’s external storage, which can include photos, videos and files, depending on how the storage is used.

“Accessing external storage is not a must for a wallpaper app,” he warned.

  1. Monitor downloads

Keeping an eye on usage by children is also vital to avoid accidentally downloading scamware.

Mr Vávra said it’s important parents do speak to their children about apps and what to look out for before downloading an app, or even “make it a rule for children to ask for permission before allowing them to download an app, to avoid potential unnecessary costs”.

nestegg has previously asked the question: Is TikTok the new kid on the scam block? 

 

TikTok sees scammers target new victims
TikTok sees scammers target new victims
nestegg logo

Forward this article to a friend. Follow us on Linkedin. Join us on Facebook. Find us on Twitter for the latest updates
Rate the article

About the author

author image

Grace is a journalist on Momentum Media's nestegg. She enjoys being able to provide easy to digest information and practical tips for Australians with regard to their wealth, as well as having a platform on which to engage leading experts and commentators and leverage their insight.

About the author

Grace is a journalist on Momentum Media's nestegg. She enjoys being able to provide easy to digest information and practical tips for Australians with regard to their wealth, as well as having a platform on which to engage leading experts and commentators and leverage their insight.

more on this topic

more on this topic

From the web

Recommended by Spike Native Network

More articles

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.