BE AWARE: Anyone else hear about this?

[StupidGenius]

I just read this on Engaget.

----------------------------------

Phishing Android apps explain our maxed-out credit cards

By Chris Ziegler posted Jan 11th 2010 2:07PM

There's no such thing as a perfect mobile app store strategy -- you're either too draconian, too arbitrary, or too loose in your policies, and as far as we can tell, there's no way to find a balance that isn't going to trigger an occasional alarm or get a few people worked into a lather. If you're too loose, for instance, you're liable end up with the occasional bout of malware, which is exactly what appears to have gone down recently in the Android Market with a few fake banking apps published by a bandit going as "Droid09." As you might imagine, the apps end up doing little more than stealing your information and ending your day in tears; the apps have since been pulled, but that's probably little consolation for those already affected. The moral of the story? Be vigilant, keep a close eye on those system permissions the Market warns you about as you install new apps, report sketchy ones, and -- as always -- use a hearty dose of common sense.

Phishing Android apps explain our maxed-out credit cards -- Engadget

 

[jfourman]

I just read this on Engaget.

----------------------------------

Phishing Android apps explain our maxed-out credit cards

By Chris Ziegler posted Jan 11th 2010 2:07PM

There's no such thing as a perfect mobile app store strategy -- you're either too draconian, too arbitrary, or too loose in your policies, and as far as we can tell, there's no way to find a balance that isn't going to trigger an occasional alarm or get a few people worked into a lather. If you're too loose, for instance, you're liable end up with the occasional bout of malware, which is exactly what appears to have gone down recently in the Android Market with a few fake banking apps published by a bandit going as "Droid09." As you might imagine, the apps end up doing little more than stealing your information and ending your day in tears; the apps have since been pulled, but that's probably little consolation for those already affected. The moral of the story? Be vigilant, keep a close eye on those system permissions the Market warns you about as you install new apps, report sketchy ones, and -- as always -- use a hearty dose of common sense.

Phishing Android apps explain our maxed-out credit cards -- Engadget

I downloaded the app for my bank from the MarketPlace. The moment I tried to signin for the first time, it hit me: "What the heck am I doing, this is probably a phishing scam". I immediately changed the password to my account and haven't had a problem. I am glad/not-so-glad to hear confirmation that was a phishing scam since I was getting ready to chalk up my concern as a false alarm and change my password back.

 

[iPirate]

Anyone have this happen to them? I don't exactly trust Engadget.

I just read this on Engaget.

----------------------------------

Phishing Android apps explain our maxed-out credit cards

By Chris Ziegler posted Jan 11th 2010 2:07PM

There's no such thing as a perfect mobile app store strategy -- you're either too draconian, too arbitrary, or too loose in your policies, and as far as we can tell, there's no way to find a balance that isn't going to trigger an occasional alarm or get a few people worked into a lather. If you're too loose, for instance, you're liable end up with the occasional bout of malware, which is exactly what appears to have gone down recently in the Android Market with a few fake banking apps published by a bandit going as "Droid09." As you might imagine, the apps end up doing little more than stealing your information and ending your day in tears; the apps have since been pulled, but that's probably little consolation for those already affected. The moral of the story? Be vigilant, keep a close eye on those system permissions the Market warns you about as you install new apps, report sketchy ones, and -- as always -- use a hearty dose of common sense.

Phishing Android apps explain our maxed-out credit cards -- Engadget

I downloaded the app for my bank from the MarketPlace. The moment I tried to signin for the first time, it hit me: "What the heck am I doing, this is probably a phishing scam". I immediately changed the password to my account and haven't had a problem. I am glad/not-so-glad to hear confirmation that was a phishing scam since I was getting ready to chalk up my concern as a false alarm and change my password back.

Is that what the app was? Bank app?

 

[Martin030908]

Another reason I don't do any banking on my phone. Common sense will keep you free from this harm.

 

[unix.punkx]

Yes im also glad for banking online and not over my Droid. Thanks for posting this, OP

 

[Martin030908]

If you bank on your Droid, use the bank's webpage... no need for an app... unless it's released by the bank!

 

[StupidGenius]

If you bank on your Droid, use the bank's webpage... no need for an app... unless it's released by the bank!

+1 on this!!!

 

[Caprice0083]

My bank is so small its probably not even avaible for the legit ones, still a bad move to bank on the phone, I just call them up for balances and stuff like that.

 

[Martin030908]

If you bank on your Droid, use the bank's webpage... no need for an app... unless it's released by the bank!

+1 on this!!!

Nice find by the way.... what may be common sense to some of us may not be to others. Good to bring things like this to everyone's attention.

 

[p1ngputts]

I have the Bank of America app, I think I'm safe.