Despite a significant drop off in active users, the popularity of Pokémon Go is continuing to attract scammers looking to exploit users in search of a leg up, and recently researchers have spotted scams spreading into social media and fake apps.
Of the 543 social media accounts Proofpoint researchers spotted that were related to Pokémon Go across Facebook, Twitter, and Tumblr platforms, 167 were fraudulent, according to a 7 Sept blog post.
Researchers found that 44 of the accounts contained links to download files, many of which purporting to be game guides, 79 were imposter accounts, and 21 of the accounts promised “free giveaways.”
The accounts offering downloads affected both mobile and desktop platforms and delivered adware, malware or software different that what was advertised. Some of the accounts also redirected users to install Android APKs which happened to be malware, the post said.
Many of the accounts distributing these third party applications are readily available via search on social networks and while some of the accounts may use social engineering to entice players to download malicious content, more often they just pretend to be legitimate, Proofpoint vice president of mobile security Dave Jevans said via email comments.
“This isn’t so much a matter of gullibility as ignorance of the potential threat and eagerness to get ahead in the game,” Jevans said. “Few of these accounts have big red flags aside from language issues, but the target demographic for Pokémon Go isn’t sensitised to social media and mobile app threats.”
Jevans said fraudulent accounts and app store downloads were detected in many regions.
In addition to the fraudulent social media accounts, Malwarebytes researchers spotted a new mobile trojan which uses the game’s icon as bait to lure users into downloading the malicious app.
The trojan uses the same package name and icon as the creature-catching game, making it more difficult for users to differentiate the fake application from the real one, according to a 5 Sept. Malwarebytes post.
The malicious app requests admin rights once installed, if permission is granted the app will immediately redirect users to random destinations such as phony dating sites designed to entice users to divulge personal information. Other destinations included sweepstakes claiming the victim has won prizes, survey, and other phishing pages.
Despite the frequency of Pokémon Go related malware and phony content designed to exploit users, a Niantic spokesperson said it is fairly easy to avoid becoming infected.
“Do not install any apps related to Pokémon GO that come from any organisations other than Niantic or The Pokémon Company,” the spokesperson said via emailed comments.
This article originally appeared at scmagazineuk.com