SCF Advanced Search



Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43467
  • Total Topics: 16558
  • Online today: 2834
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2072
Total: 2073









Author Topic: Fraudulent Adult Dating Services Turn 10 Years Old, Still Evolving  (Read 4295 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Fraudulent Adult Dating Services Turn 10 Years Old, Still Evolving

McAfee Mobile Research monitors adult one-click-fraud applications on Google Play that are targeted at Japanese users. Although the attackers appeared to have stopped uploading these apps in May, they have now resumed the attacks. We have confirmed about 600 malicious applications have been published since the beginning of April.

We have also confirmed that another type of well-known fraudulent application–bogus adult dating services–are increasing on Google Play. These fraudulent dating-service applications have been published before on Google Play, and now we’ve seen new apps appear every day since May. We’ve counted in total more than 400 fraudulent dating applications, and more than 130 are still on Google Play. The number of total downloads lies between 90,000 and 310,000. The figure would be higher if we counted already deleted apps.



Fraudulent adult dating-service applications in Japan.

Fraudulent dating services have existed in Japan for more than 10 years. They generally operate using decoys, called sakura in Japanese. These are the service operators themselves or paid agents who pretend to want to meet the victims. The sakura have no intention of meeting, but do want to make callers pay money to keep in touch. In most cases, the victims are lured to these malicious sites via spam mails, links on web pages, and search engines. Recently new media–such as social networking services and free messaging tools–also attract victims to these services.

Today, the attackers increasingly trick their potential victims using mobile applications, especially on Google Play. In most cases, these apps simply show fraudulent websites on its WebView component or run a browser to show the sites.



Initial screens of fraudulent dating service apps displayed on WebView.

We now know that a developer of a series of one-click-fraud applications also publishes fraudulent dating-service apps. It is not clear whether the developer is actually operating the dating services but they are related, for example, by receiving affiliate revenues from the service operator.



Fraudulent dating service apps published by a one-click-fraud apps developer.

It appears that other developers are publishing bogus dating applications. The apps vary in format: displaying fraudulent websites, providing fake advertisement links to websites, providing links a set of websites including malicious sites and legitimate dating services, imitating article threads from a well-known BBS and tricking readers into believing their story and registering for the malicious services, and so on.



Fraudulent dating-service apps published by another developer.




Links to fraudulent dating-service apps embedded in a BBS article-collection app.



Fraudulent dating-service app as a collection of links.

The landing pages of these malicious sites often imitate pages on Google Play–to make users believe the services are safe and endorsed by the official app store.



Landing pages of fraudulent apps imitating Google Play pages.

These applications do not automatically collect private information from the devices or send spam mails/SMS messages; they just lead users to their fraudulent sites. On those sites, users are requested to input their email address on their devices or in some cases their mobile phone numbers.

Once users register for the service, the decoy sends mail, which always has the same message. At first, users can exchange messages with the potential “partner” for free, but the free period suddenly expires just as the decoy promises to meet; the victims have to pay to keep in touch. Sometimes the decoy says she wants to give the victim a huge amount of money and requests a minimum charge to the service to proceed; of course such offers are always baloney!

Other characteristics are that users are automatically registered in one or more dating services at the same time, probably operated by the same fraudulent group. Once registered in these services, users will receive a massive amount of spam to trick them into paying money; in the worst case two or three mails are sent every minute, up to more than 1,000 mails per day.

Users can avoid these risks by not registering for the services or not communicating with the service operator even if they accidentally register. But even with this easy defense, some victims suffer again and again. Professional fraudsters catch the unguarded with their tricky tactics.

McAfee Mobile Security detects these fraudulent dating-service apps as Android/DeaiFraud and protects customers from this common Japanese fraud. We also block web access to such malicious sites by registering their URLs in our Web Reputation Database.


Original article: Thursday, June 6, 2013 at 3:40pm by Daisuke Nakajima



NOTE! Off cause there is other products then McAfee that you can use to secure your device!

Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Sigh - thanx Pez, I'm about to stop installing Play apps altogether ;p

Google really should start addressing these problems!

Karma

Devvie


~~~ notemail@facebook.com ~~~

Conare nullius momenti videri fortasse missilibus careant
——
All spelling mistakes are my own and may only be distributed under the GNU General Public License! – (© 95-1 by Coredump; 2-013 by DevNullius)
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Sigh - thanx Pez, I'm about to stop installing Play apps altogether ;p

...

After few hundreds already installed. >:D : http://scforum.info/index.php/topic,8119.msg20651.html#msg20651


P.S.

Thanks P. (and sorry for off-topic).  :thumbsup:

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023