Post Office and Royal Mail scams aren’t anything new, with cyber thieves often using the trusted brands to trick consumers into handing over personal details. In the past, we’ve seen online crooks targeting users with fake text messages that usually claim a parcel is waiting to be delivered, but only once a small unpaid fee is paid. A link then follows to an official-looking website where data is stolen.
With most people now aware of these malicious text scams, criminals are trying to find new ways to cash in, and the latest threat targets smartphone users with a clever – but nasty – trick.
As spotted by the security team at Avast, it seems scammers are now stealing money via apps that contain something called fleeceware, which is capable of signing unsuspecting users up to expensive subscription plans that can be almost impossible to cancel.
The way they get people to install these apps is via adverts on social media platforms that claim to be from Royal Mail and offer cash incentives of up to £10,000 for filling out a survey and sending the link to friends and family.
Once the first person is tricked, it’s easy to see how it spreads, because each victim who receives it believes it’s come from a friend or family member.
Once the fake survey is completed, phone users are then urged to download a parcel-tracking app, which has been planted on official app marketplaces including Google’s Play Store.
If a target is fooled, the app then installs the fleeceware, and a fee of $70 per month is then charged to their account.
Avast says one version of those vicious applications has already been downloaded over 50,000 times.
“This type of fraud is all the more dangerous because it uses the social ties of its victims to spread. People don’t expect to receive scams from friends or family, and therefore might be more likely to fall for the scam, especially considering the sites look like they come from trusted services,” said Jakub Vávra, threat analyst at Avast.
“This may be further enhanced by the localization of all the websites. What is surprising is that the fleeceware app is not localized and appears generic in comparison to the websites. Of note is that it does have overly positive and likely fake reviews in English on its profile. It is possible the scammers were planning on replacing the final payload with another app or something more malicious.”
Avast has reported the malicious app to Google’s security team, so it should be removed soon, but it’s still worth keeping alert as it’s likely a new version will appear once the current one is banned.
Avast says that fleeceware apps appear in various forms and can imitate any category of application, but are commonly apps with simple features that are normally offered for a low price or for free.
Fleeceware apps usually offer a free three- to seven-day trial, but can require users to enter their payment information before the trial begins, and automatically charge them once the trial ends. Users should carefully read what happens after an app’s trial period ends and how much an app will charge after a free trial period, checking whether the charge will be automatically deducted from their card on an ongoing basis unless they cancel the subscription.