Security Tip of the Week – Malicious App Phishing Scam

by Carissa

We live in an app-based world. From laptops to smart TVs, applications are used nearly everywhere. Learning which is a safe or a malicious app can be tricky as cybercriminals continue to find new ways to exploit your trust.

Keller Schroeder Security Solutions Group LogoThe latest scam involves third-party apps that request unusual permissions. Users are easily fooled into downloading these third-party apps because they are registered on legitimate app stores and are designed to work in conjunction with popular products such as Microsoft OneNote or GSuite. The app is pretty harmless on its own, but shortly after downloading it you’ll receive an email related to this app, and the email includes a phishing link. If you click this link, it will cause the third-party application to request special permissions such as the ability to read and write to files on your behalf. If you grant the app these permissions, you’ll give the bad guys unlimited access to your sensitive information.

Don’t fall victim to this scam! Remember the following:

  • Never click on a link within an email that you weren’t expecting.
  • Only download apps from trusted publishers. Remember, anyone can make an application and scammers can use any image, text, or logo to make the app seem legitimate.
  • When using a work device, reach out to your IT department before downloading new apps or granting app permissions. They can decide if the application is legitimate and safe to use.

Stop, Look, and Think. Don’t be fooled.

KnowBe4 Logo - Keller Schroeder Vendor PartnerKnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.