An important warning has been issued over harmful apps that are affecting millions of phones.
If staying safe online wasn't enough to contend with in this era of cybersecurity woes and hackers trying to get into our financials, we're taking a ticking portable time bomb with us in the form of our smartphones.
It's a little too easy to download dodgy apps to our phones, and with it, we're letting cybercrooks into our personal lives without even knowing it. Now, there's a 'stark' warning about 15 dangerous apps that have been identified in over 8,000,000 phones.
According to McAfee, these SpyLoan apps are dangerous malware that could 'lead to extortion, harassment, and financial loss.' The attack seems to be aimed at Android users and is hitting multiple countries, with McAfee warning there's been 'a significant global increase' in 'predatory loan apps.'
By using social engineering tactics, users are tricked into handing over sensitive information by granting extra mobile app permissions.
During research into PUP (potentially unwanted programs) apps, McAfee identified 15 apps with a common framework that pulls your data to a command and control (C2) server using 'a similar HTTP endpoint infrastructure.'
Often promoted through deceptive adverts on social media, the servers tend to operate locally from territories mainly in South America, Southern Asia, and Africa.
If you have any of the apps installed (see below), you're advised to immediately remove them from your Android device.
McAfee has explained how SpyLoan apps work, telling users: "SpyLoan apps are intrusive financial applications that lure users with promises of quick and flexible loans, often featuring low rates and minimal requirements.
"While these apps may seem to offer genuine value, the reality is that these apps primarily exist to collect as much personal information as possible, which they then may exploit to harass and extort users into paying predatory interest rates."
Instead of offering actual financial assistance, these apps tend to push limited-time offers and countdowns to rush you into making hasty decisions - potentially putting you in a worse situation with debt.
Alongside hidden fees and high interest rates that don't match the loan amount users were promised, they're known for blackmailing by selling data to third-party sources, while some have even reported receiving death threats.
Worryingly, SpyLoan apps are known for using the names, logos, and similar user interfaces to actual financial institutions that are reputable. They're even harder to spot thanks to a series of fake reviews posing as real customers.
Thankfully, McAfee says it has reported these apps to Google. While some have been completely wiped, others have been updated by developers to comply with the Google Play policies.
To avoid being stung, we're told to carefully review app licenses, limit permissions, and research developers. Keep your device updated and think about installing security software, but ultimately, keep your wits about you.
We're too quick to press the accept button, but as McAfee warns, all it takes is one simple mistake and you can be hit hard in the pocket.