Only a month ago, Uber users and drivers learned that their privacy might be at risk due to the massive data breach. Now security researchers warn about new Android malware that uses a sneaky method to steal user credentials, including a phone number or credit card details.
Researchers from Symantec report that it’s a new variant of Android. Fakeapp malware which was originally detected in 2012. However, it has updated numerous times, and the recently discovered version tries to steal users credentials by deep linking URL in the real Uber app.
This sophisticated technique prevents users from suspecting criminals’ activity. They see a current location and can start searching for Uber to drive to the needed place. However, just like other similar data-stealing malware, Android.Fakeapp also asks to enter credit card detail or enter a phone number. Thus, Android malware attack might lead to money loss and other privacy-related issues.
Nevertheless, security experts say that mobile malware hasn’t affected many Uber users; it is still advised to remain vigilant and pay more attention to cyber security. Thus, we would like to remind the major security tips:
- Do not download apps from third-party stores and stick to Google Play only.
- Check the information about developers before downloading the app from Google Play Store. Sometimes malicious apps sneak into the official store. Thus, double-checking information about developers is needed.
- Read user reviews and comments outside the app store. Developers of malicious apps might create fake reviews or delete real ones.
- Read app permissions before installing applications and avoid applications that require full access to your device, contacts, and other details that are not needed for the app to operate.
- Request a free remote scan from A Geek To Go, LLC .