Throughout 2022 and the first quarter of 2023, 14% of installs of potentially unwanted mobile financial apps on Android phones were made by users in the Africa, Middle East, and Turkiye, (META) region. META ranks third among the world regions behind APAC and LATAM in terms of the number of installs of such apps. As Android holds a dominant market share of 78% in the Middle East, 80% in Africa, and 70% in Turkiye, cyberthreats for this mobile operating system remain persistent. Kaspersky experts continuously monitor the mobile threat landscape and track threat trends to provide the most up-to-date intelligence about the potential dangers.
Certain mobile financial apps offer seemingly legitimate microlending services, however, they were found to engage in scam and collect personal data from users’ smartphones. These apps request access to text messages, contacts and photos/videos before a loan can be provided. In case the user delays the debt payment, app operators may use the data collected from the smartphone for blackmailing and forcing the user to return the debt. For instance, information can be dispatched to all of the user’s contacts informing them of the user’s debt accompanied by photos from the gallery.
An example of a microlending app on Google Play and the data it collects
“The threat landscape evolves, and mobile financial cyberthreats become more sophisticated and pervasive. While downloading smartphone apps from official app stores is less risky than obtaining them from elsewhere, apps can still request the user to give access to different types of personal data that could then be misused. As smartphones are used to store an increasing amount of personal data, granting access to it raises security concerns and places additional demand on the security of mobile devices and privacy-preserving ways of storing the data,” comments Igor Golovin, Malware Analyst at Kaspersky.
To protect yourself from mobile threats, Kaspersky shares the following recommendations:
- It is safer to download your apps only from official stores like Apple App Store, Google Play or Amazon Appstore. Apps from these markets are not 100 percent failsafe, but at least they get checked by the moderators and there is some filtration system — not every app can get onto these stores. It’s worth looking through user reviews of an app to see if there is any negative feedback on its functionality.
- Check the permissions of apps that you use and think carefully before permitting an app, especially when it comes to high-risk permissions such as Accessibility Services.
- A reliable security solution can help you to detect malicious apps and adware before they start behaving badly on your device. Conveniently, you can get protection, like Kaspersky consumer products, directly from mobile operators.
- Update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software.
- Kaspersky calls on the mobile industry to enhance cyber protection at all levels, including security for users, by providing tailored cybersecurity services. Kaspersky Consumer Business Alliances enable companies to offer their customers complete cybersecurity portfolios by backing them with Kaspersky’s global support and expertise.