Connect with us

Tech News

Spotting dangerous imposter retail apps popping up in time for the holidays

(BUSINESS NEWS) ‘Tis the season for scamming. It looks like there are already apps popping up that trick even the tech savvy. Let’s discuss how to spot ’em.

Published

on

sensors etiquette influencers

Risky business

Ah, the holidays! With hopes for a festive holiday season just around the corner, everyone wants to make it easier for you to shop for amazing gifts for those special people in your life. Including, it seems, scammers, who want to trick you into downloading fake apps from very real brands.

Over the past month, there has been a significant increase in the number of counterfeit apps in the Apple App Store that appear to be authentic, from stores ranging from luxury brands such as Christian Dior and Jimmy Choo all the way to discount stops such as Dollar Tree. These, however, do not go to the official apps of the retailer, but instead link to apps that range from the annoying to the malicious.

In some, the user is asked to provide Facebook login information or credit card data, exposing them to financial and personal security risks, as well as malware that could turn their iPhone into an information sieve, providing access to all of one’s virtual life to a bot.

bar

Who is to blame?

So, who’s behind the latest attempt to defraud you?

The New York Times names the chief culprits to be a company called Cloaker. Cloaker, based in China, provides the technology that undergirds thousands of apps found in the Apple App Store, but does not look into the veracity of what the clients are asking them to create.

Speaking to The New York Times, Jack Lin, the ostensible founder of Cloaker, commented that, “We hope that our clients are all official sellers. If they are using these brands, we need some kind of authorization, then we will provide services.” Although Mr. Lin’s words may sound soothing, take into consideration that Cloaker’s website purports many far-fetched claims, such as the branch office that they maintain they keep in the middle of Facebook’s headquarters in Menlo Park, Calif.

What is Apple doing?

“[W]e take…security very seriously,” said an Apple spokesman, Tom Neumayr, speaking to The New York Times. “We’ve set up ways for customers and developers to flag fraudulent or suspicious apps, which we promptly investigate to ensure the App Store is safe and secure. We’ve removed these offending apps and will continue to be vigilant about looking for apps that might put our users at risk.”

Apple’s vigilance aside, the App Store is besieged daily by an influx of new fake apps. When an app is submitted for review by Apple, it’s important to note that the problem is one of scale.

With literally thousands of apps submitted to iTunes on a daily basis, Apple has made the choice to scan for software that may be compromised of malicious code, rather than looking at apps individually to see if they are connected to the brands that they purport to be.

Once the app has passed the initial phase of Apple’s scrutiny on its submission to the App Store, developers have been known to then alter the content inside the app, or simply overwhelm the App Store by changing their bona fides and resubmitting similar apps to those detected as fakes. Some of the developers have been known to utilize Apple’s systems against it, using the paid search ad feature to place their fake app higher in the results screen than the actual item itself.

Protect yourself

So, how do you protect yourself?

Spelling counts: You’d think that a company would take the time to spell its name brand correctly, and you’d be right. Many of these counterfeit apps have names that don’t reflect an accurate spelling or otherwise appear slightly wonky as compared to the official branding. There are other signs of problems beyond the names, too. The menus and support services may not be in standard English, or even in approximately professional English grammar and spelling, which one can reasonably expect of an authentic brand app.

They existed out of thin air: While everyone has to start somewhere, you should expect authentic apps to have reviews that have the air of authenticity to them. Many of these fakes have either no review history or one that is very similar to a cut- and-paste approach to a 5-star rating and the same comments on review after review. Also, many of these counterfeits do not have a history of prior versions or updates.

First isn’t always best: As we discussed, with many counterfeiters using the Apple paid search feature to boost themselves to the top of the ratings, being at the top isn’t a sure sign of authenticity.

Ultimately, although Apple means well and is quick to respond to complaints, it is up to you as the consumer and the brand itself to police the App Store and to report signs of fraudulent behavior. While the holidays ought to be the season for being jolly for everyone, make sure that it’s only those who didn’t make the naughty list who get to enjoy them.

#ScammyScam

Roger is a Staff Writer at The American Genius and holds two Master's degrees, one in Education Leadership and another in Leadership Studies. In his spare time away from researching leadership retention and communication styles, he loves to watch baseball, especially the Red Sox!

Tech News

Daily Coding Problem keeps you sharp for coding interviews

(CAREER) Coding interviews can be pretty intimidating, no matter your skill level, so stay sharp with daily practice leading up to your big day.

Published

on

voice and SEO

Whether you’re in the market for a new coding job or just want to stay sharp in the one you have, it’s always important to do a skills check-up on the proficiencies you need for your job. Enter Daily Coding Problem, a mailing list service that sends you one coding problem per day (hence the name) to keep your analytical skills in top form.

One of the founders of the service, Lawrence Wu, stated that the email list service started “as a simple mailing list between me and my friends while we were prepping for coding interviews [because] just doing a couple problems every day was the best way to practice.”

Now the service offers this help for others who are practicing for interviews or for individuals needing to just stay fresh in what they do. The problems are written by individuals who are not just experts, but also who aced their interviews with giants like Amazon, Google, and Microsoft.

So how much would a service like this cost you? Free, but with further tiers of features for additional money. Like with all tech startups, the first level offers the basic features such as a single problem every day with some tricks and hints, as well as a public blog with additional support for interviewees. However, if you want the actual answer to the problem, and not just the announcement that you incorrectly answered it, you’ll need to pony up $15 per month.

The $15 level also comes with some neat features such as mock interview opportunities, no ads, and a 30 day money back guarantee. For those who may be on the job market longer, or who just want the practice for their current job, the $250 level offers unlimited mock interviews, as well as personal guidance by the founders of the company themselves.

Daily Coding Problem enters a field with some big players with a firm grasp on the market. Other services, like InterviewCake, LeetCode, and InterviewBit, offer similar opportunities to practice mock interview questions. InterviewCake offers the ability to sort questions by the company who typically asks them for that individual with their sights targeted on a specific company. InterviewBit offers referrals and mentorship opportunities, while LeetCode allows users to submit their own questions to the question pool.

If you’ve really got your eye on the prize of receiving that coveted job opportunity, Daily Coding Problem is a great way to add another tool in your tool box to ace that interview.

Continue Reading

Tech News

Quickly delete years of your stupid Facebook updates

(SOCIAL MEDIA) Digital clutter sucks. Save time and energy with this new Chrome extension for Facebook.

Published

on

facebook desktop

When searching for a job, or just trying to keep your business from crashing, it’s always a good idea to scan your social media presence to make sure you’re not setting yourself up for failure with offensive or immature posts.

In fact, you should regularly check your digital life even if you’re not on the job hunt. You never know when friends, family, or others are going to rabbit hole into reading everything you’ve ever posted.

Facebook is an especially dangerous place for this since the social media giant has been around for over fourteen years. Many accounts are old enough to be in middle school now.

If you’ve ever taken a deep dive into your own account, you may have found some unsavory posts you couldn’t delete quickly enough.

We all have at least one cringe-worthy post or picture buried in years of digital clutter. Maybe you were smart from the get-go and used privacy settings. Or maybe you periodically delete posts when Memories resurfaces that drunk college photo you swore wasn’t on the internet anymore.

But digging through years of posts is time consuming, and for those of us with accounts older than a decade, nearly impossible.

Fortunately, a Chrome extension can take care of this monotonous task for you. Social Book Post Manager helps clean up your Facebook by bulk deleting posts at your discretion.

Instead of individually removing posts and getting sucked into the ensuing nostalgia, this extension deletes posts in batches with the click of a button.

Select a specific time range or search criteria and the tool pulls up all relevant posts. From here, you decide what to delete or make private.

Let’s say you want to destroy all evidence of your political beliefs as a youngster. Simply put in the relevant keyword, like a candidate or party’s name, and the tool pulls up all posts matching that criteria. You can pick and choose, or select all for a total purge.

You can also salt the earth and delete everything pre-whatever date you choose. I could tell Social Book to remove everything before 2014 and effectively remove any proof that I attended college.

Keep in mind, this tool only deletes posts and photos from Facebook itself. If you have any savvy enemies who saved screenshots or you cross-posted, you’re out of luck.

The extension is free to use, and new updates support unliking posts and hiding timeline items. Go to town pretending you got hired on by the Ministry of Truth to delete objectionable history for the greater good of your social media presence.

PS: If you feel like going full scorched Earth, delete everything from your Facebook past and then switch to this browser to make it harder for Facebook to track you while you’re on the web.

Continue Reading

Tech News

Google’s reCaptcha better secures sites, but comes with wild privacy risks

(TECHNOLOGY) Google has made some serious advances when it comes to reCaptchas, and they’re extremely impressive. Unless you value your privacy…

Published

on

google's recaptcha v3

Check here if you are not a robot. If you are not a robot, can you read this nonsensical string of letters and numbers that looks like it’s been wrung out like a wet towel? Can you choose the picture of a car out of these nine street scenes?

Over the years, Google has come up with a number of ways to verify that internet users, especially when signing into accounts, are not, in fact, bots. The most up-to-date system, reCaptcha v3, stands to big up web security, but comes with some serious privacy compromises.

The new reCaptcha is invisible to the user. No more clicking through pictures of street signs and dogs. According to Cy Khormaee, product lead for reCaptcha, “Everyone has failed a Captcha,” but from now on, users will no longer have to worry about it.

That’s because the new reCaptcha v3 detects bots by analyzing a user’s navigation of the site itself. Unusual or malicious actions generate a higher risk score. Website administrators receive users’ risk scores, and can respond according by, for example, requiring further verification from suspicious users.

This new method should make it much more difficult for bots to crack a site, because mimicking a whole string of human behaviors is much more complicated that breaking the old Captchas.

Over 4 million sites are still using the old Captchas, while 65,000 new sites are testing out reCaptcha v3. While some sites will display the reCaptcha logo at the bottom of the page, you mostly won’t be able to tell which sites are using the new service.

One major trade off is consumer privacy. As part of assessing a user’s risk score, reCaptcha v3 checks to see if you already have Google’s cookie installed – the one that allows you to open new tabs without re-signing in to Google. The logic is that, if you have a Google account, you are more likely to be a real person. The downside is that this means that Google is receiving data from every site you visit that uses reCaptcha v3.

And what will they do with this data? Google told Fast Company that reCaptcha gathers “hardware and software information, including device and application data” and that this data was used only “to fight spam and abuse.” They claim that data won’t be used to target advertising to users.

As of yet, Google’s Terms of Service does not include any language about reCaptcha. Once again, consumers have nothing more than the good word of the corporation to trust when it comes to their privacy.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!