McAfee’ rings alarm over dangers of SpyLoan apps

A stark new warning about the dangers of SpyLoan apps has just been issued as a ‘global threat exploiting social engineering’ tricks its way onto more than 8 million phones.

Beware, if you fall victim it could prove devastatingly expensive. These new attacks ‘lead to extortion, harassment, and financial loss’.

McAfee’s mobile research team reported a significant global increase in these predatory loan apps. Targeting Android users across multiple countries, the researchers warn that these attacks “use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions”. All of which is designed to relieve you of your hard-earned cash, the warning added.

The latest study spoke about how many apps falsely claim that they are offering legitimate loans but they are really scams disguised to be real. The apps go as far as to excite users by offering the lowest interest rates.

The apps once downloaded swipe all of users’ data and could then result in extortion later on as published in the report by the leading security firm. Such apps then go about collecting sensitive information like banking details, IDs, and others. Even if some loans don’t get issued, others falsely pose as if they’re your next best guide to offering the best deal. Meanwhile, others charge a huge sum of funds with bigger interest rates than outlined.

Such apps could copy real platforms and make use of industry-standard tactics for marketing such as a countdown or a time-sensitive offer that misleads users into believing they’re on the right track and will get everything promised. If that’s not enough, they even have privacy agreements that are harmful and entail terms that make it seem so real.

Some clauses in the privacy agreements speak about giving the platform permissions for viewing and making use of message contents, contacts, and even users’ call history records. It might even request access to a phone’s camera sometimes.

The scammers behind such platforms could then send edited images or explicit material to contacts on the user’s list to blackmail. Some cases saw the threat actors sending death threats to further harass victims.

The platforms were seen in several different nations like Indonesia, Mexico, Colombia, and some countries that speak English as well. Since then, Google has worked hard to remove some platforms that are doubtful while a few were altered. For now, McAfee vows to flag these platforms as potentially unwanted programs due to the harm they provide.

The cybersecurity giant says there is one way to ensure the app is safe before installing and that is to look at the developer’s details. If the email provided is from a Gmail account or any other free email iD, it’s more likely to be safer than the rest which feature a developer from a real domain linked to a particular website. Another way is to carefully read reviews before installing apps as they really do help to see if anyone was involved in a scam related to the app.