As part of an effort to understand the involvement of bad actors in the e-commerce space, RiskIQ tracked and appraised a large number of websites and apps linked to the upcoming Black Friday online shopping event.
According to their report, around 10% of mobile apps (located by searching for "black Friday") were, or should be, blacklisted as unsafe.
An analysis of nearly seven million sites and apps related to the names of the top five online retailers yielded more than a million instances of blacklisted online properties, or 15% of all hits.
As background, the company states, "The source of RiskIQ's Blacklists is our collection of internet data, which our collection architecture of virtual users gathers by scanning, crawling, and passive sensing the internet – including Web pages, mobile apps and stores, and a variety of social websites and apps. RiskIQ's crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, 783 global locations across more than 100 countries, 16 million mobile apps, and 300 million domain records."
The company makes these general observations:
- Ensure that you are only downloading apps from official app stores such as Google or Apple;
- Be wary of applications that ask for suspicious permissions, like access to contacts, text messages, administrative features, stored passwords, or credit card info;
- Just because an app appears to have a good reputation doesn't make it so. Rave reviews can be forged, and a high amount of downloads can simply indicate a threat actor was successful in fooling a lot of victims. Before downloading an app, be sure to take a look at the developer – if it's not a brand you recognize or has a strange appearance or spelling, think twice. You can even do a Google search on the developer for more clues about its reputation.
- Make sure to take a deep look at each app. New developers, or developers that leverage free email services (e.g., @gmail) for their developer contact, can be enormous red flags – threat actors often use these services to produce mass amounts of malicious apps in a short period. Also, poor grammar in the description highlights the haste of development and the lack of marketing professionalism that are hallmarks of mobile malware campaigns.
iTWire would add that users should access e-commerce properties via their official websites and use those sites to locate and download the company-provided app.