Massive Mobile App Fraud Kicks Off Black Friday Cyber Exploits

Posted by Greg Mancusi-Ungaro

Mon, Nov 07, 2016


Just as the cyber-election manipulators are finishing their work, the "for-profit" population of online fraudsters is coming online -- launching its efforts to bilk the public between now and November 25, Black Friday, the heaviest online shopping day of the year.

Mobile app fraud is dominating the first wave of this year's Black Friday cyber attacks. First reported in the New York Post, and further reported in the New York Times, a slew of imitation and copycat mobile apps have appeared online in the last few weeks - parodying trusted brands such as Dollar Tree and Foot Locker, iconic stores like Dillard’s and Nordstrom, online retailers like and Polyvore, and luxury-goods purveyors Jimmy Choo, Christian Dior and Salvatore Ferragamo.

What makes this wave of fraudulent applications different is the targeted platform: Apple's iOS.

Historically, the bulk of fraudulent mobile apps detected and analyzed by BrandProtect and other vendors have appeared on various Android platforms and have been distributed via third-party and offshore app stores. Not so with these rogue apps -- these have been discovered on the official Apple App Store.

Rogue mobile apps are a particularly effective way for fraudsters to prey on the public. They make money for the cyber-fraudsters; divert revenues, gum up operations, and tarnish reputations for trusted companies; and steal money, identities, and PII, and generally confuse customers and the general public.

But these rogue apps don't just hurt consumers - they hurt the enterprises and companies that they parody. When the public learns that a company's mobile app is tainted, they avoid ALL mobile apps associated with that company - the good, the bad, and the ugly.

Apple has been quick to respond to the discoveries, but the news is foundation-shaking for iOS users. Today, it seems, no mobile platform is immune to fraudulent apps. 

There are hundreds of apps uploaded to the various global stores every day. This month, as we edge closer and closer to the Black Friday milestone, the message to CISOs, Digital Governance, and corporate executives is clear:

To protect revenues, operations, and the public reputation of a company, mobile app monitoring is a critical cyber defense strategy.

Throughout the month, BrandProtect will be monitoring and commenting on rogue cyber activity targeting consumers and shoppers. Across the entire cyber spectrum - from mobile apps to social media to websites to other socially engineered attacks - one thing is certain: all of these schemes depend on leveraging the reputation and identity of a trusted company or enterprise.

Subscribe to this blog to stay informed about the latest external threats and schemes attacking businesses and the public -- all without crossing the traditional security perimeter.


Topics: black friday, mobile app monitoring, cyber monday, mobile malware, CISO, External Threat
