Pokemon Go, the smartphone game created by Niantic Labs and Nintendo has developed huge interest around the globe. The game which was originally made available only in US, Australia and New Zealand, has been installed by smartphone users in other parts of the globe via APK files and other hacks.
Pokemon Go is instantly the number 1 free app on App Store in US, and has been installed on twice as many Android devices as Tinder. Some reports point that Pokemon Go regular active users were nearly as big as Twitter’s.With so much action happening around individual Pokemon game, cybercriminals and hackers have taken note of the hype and developed various fraud and Trojans that are reportedly infecting the Smartphone.
Various scams and Trojans created around Pokémon Go:
1. Trojanised Pokemon Go apps:The massive known threat is the unofficial Pokémon Go app which has been installed extensively. With Pokémon Go being accessible only in just five countries, game lovers elsewhere are looking for method to install the app and catch Pokémon.
Symantec reports malware programmers are circulating a remote access location as Pokémon Go. Once downloaded, the app looks legal with Pokémon Go login screen but ends up giving complete access to the device.
2. Free PokeCoin scams: Pokémon Go is a free app, but Niantic makes money when users spend real money to get a virtual currency called PokeCoins. Pokemon Go players can spend PokeCoins on items such as incense or eggs to hatch rare Pokemon.
Cybercriminals have designed surveys giving free PokeCoins. Once the user clicks or visit the scam site, they are asked for their Pokémon Go user name and the amount of coins they want.
These scam sites then want Pokemon Go users to go via a verification process, which includes installing few applications or signing up for additional services, completing a survey form.
3. Permissions and Privacy scare:Since the day of Pokémon go launch, Niantic has been the subject of a privacy threat. The initial app permissions page suggested Pokemon Go getting full control to handle Google accounts. However, Niantic instantly replied by stating it had access to only primary information and has updated the app since then.Since Pokemon Go utilizes camera and GPS of a smartphone for real-time mapping, it could end up being the newest repository of mapping data.According to Symantec, Niantic’s launch of Bluetooth LE wearable gadget might risk users’ location data.
4. Pokemon Go cheaters:A good game is basically unfinished without cheat codes. Pokemon Go players have been found cheating to catch Pokemons on the go.According to reports, Pokemon Go lovers have been found imitate GPS location data, placing their mobile device to toy trains, ceiling fans, dogs or even drones to mislead the app to thing the user is moving. It seems Niantic expected this sort of move, and has been imposing hour-long bans on players.
While this seems not be a threat, malware programmers could provide GPS cheating tools and with remote location Trojans code to gain control to a Smartphone.
Steps to protect one from Pokemon GO scams and malware:
- Prohibit fraud Pokemon Go apps: It is highly advisable to wait for the official app to launch in your country. Stop oneself from installing Pokemon Go variants from third-party sources.
- Use strong passwords for Pokemon Go account.
- Update your device’s firmware to block fraudulent attacks.
- Keep away from using game-cheating apps circulated on web and social media platforms.
- Download the updated version of Pokemon Go app, which withdraws request for full access to Google account.