When your mobile device includes features like fingerprint sensors, you naturally feel safer and are of the opinion that your personal information and details are protected from third parties, right?
Well, this is not always the case as these additional features sometimes make it easier for unsuspecting users to fall prey to cheap scams and fraud techniques carried out through mobile devices.
Sometimes, we feel we just lost a few bucks and thus there is no need for alarm, but when this is done to millions of people, the fraudsters behind these scams end up as millionaires and continue to scam more unsuspecting users.
Apple devices have a feature that allows you to use your fingerprint to verify transactions and installations. Scammers have found a way to use this technique to get into your account (if a card is linked to your device App store) to make deductions from your account.
An internet security company known as ESET Southern Africa has released a report revealing its discovery that multiple apps posing as fitness-tracking tools on Apple IOS devices were caught abusing the Apple's Touch ID feature to steal money from many unsuspecting iOS users.
The shrewd payment mechanism used by these apps is swift and unexpected, it is often activated automatically while victims are scanning their fingerprint seemingly for fitness-tracking purposes.
There are a lot of apps available in the Apple App Store that claim they can calculate the body-mass index, track the daily calorie intake, or remind users to drink more water. They say all you have to do is scan your finger print on the app so that the calculations will be made for you.
While the users are taking this personalized tests through their finger prints, the apps automatically displays a pop-up showing a dodgy payment amounting to $99.99, $119.99 or €139.99 and approves the payment instantly.
This pop-up is only visible for about a second, and would have been approved before the user takes off his/her finger from the scanner. If the user has a credit or debit card directly connected to his/her Apple account, the transaction is verified and the money is wired directly to the operator behind the scams.
Another discovery was that the same developers had different apps with different names in the store, so while you are busy un-installing one fitness app to install another, you may be purchasing the same product from the same developer, only with a name change!
Posting fake reviews is a well-known technique used by scammers to improve the reputation of their apps, so do not think that what 'people say' on the review page is any good.
Despite its malicious nature, the Fitness Balance app received multiple five-star ratings, had an average rating of 4.3 stars and received at least 18 mostly positive user reviews. Beware, these are all fake!
However, iPhone X users can breath a sigh of relief as the device has an additional feature called "Double Click to Pay", which requires them to double-click the side button to verify a payment.
Hence, be extra careful the next time you are scanning your fingerprint on an app.
Header Image Credit: 9to5Mac