The ongoing evolution of technology has made our lives easier than never before. You must agree that smartphones and smartphone apps have played the most significant role in this field. However, the ongoing malware and security threats have also given rise to enhanced safety measures to be taken.
Imagine that you enter your secret credentials to an app and someone sitting far keeps a watch on your activity. We know this is not impossible and several apps have already been reported involved in cyber threats like a mysterious malware reported on Play Store and CCleaner Malware that targeted major software companies recently.
Fake Uber App
The latest research conducted by Symantec, a cyber-security firm, reveals that a malicious fake Android app can steal your Uber user ID and password. The identified fake Uber app causes a disguised interface to pop-up on the user’s display prompting to enter Uber login details on regular intervals. It even takes up the whole screen so that the users have no option other than entering their login details. Worryingly, the fake interface looks exactly like the Uber’s original one.
The story doesn’t end here as the fake Uber app gives rise to a sense of security and prevents any suspicions by linking itself to the real Uber app. Once the user enters Uber login credentials, it directs to the real Uber app and shows current location, near-by rides and everything else that you see on Uber app.
The malicious software sends users’ credentials to the hackers’ server. Now it is up to those hackers how they use that data to fulfil their evil deeds. They can sell that data to other hackers on black market and even use it to steal users’ other accounts since most people have the same account details across multiple online services.
How to Avoid?
Symantec suggests some basic tips on how to prevent fake Uber app and other malware apps from stealing your data online:
Keep your software up to date
Refrain from downloading apps from unfamiliar sites and only install apps from trusted sources
Pay close attention to the permissions requested by apps
Install a suitable mobile security app, such as Norton, to protect your device and data
Make frequent backups of important data
Likewise, Uber also commented on the situation and a spokesperson said:
Because this phishing technique requires consumers to first download a malicious app from outside the official Play store, we recommend only downloading apps from trusted sources. However, we want to protect our users even if they make an honest mistake and that’s why we put a collection of security controls and systems in place to help detect and block unauthorized logins even if you accidentally give away your password.