Online sales on this cyber Monday are expected to reach more than $3 billion. But cyber security experts warn that smartphone shoppers could be at risk because of dangerous and sometimes counterfeit apps.
Nicole Barker likes shopping through her apps – but didn’t realize they could put her identity at risk.
“It’s really scary because you trust those brands when you see them and you just accept or trust that that’s who you’re dealing with.”
A company that creates many of those apps for major retailers found some shopping apps, for names like Dillard’s, Payless, even Christian Dior and Jimmy Choo….weren’t real.
“We found that there was hundreds of fake apps. Hundreds,” says Chris Mason from Branding Brand.
“If you take those apps down and you get rid of that provider, you’ll find them show up in a different form with a new name, new credentials and it just keeps happening.”
Gary Miliefsky with cyber-security firm Snoopwall says it’s all about criminals getting hold of your private information.
“Some of these apps, these counterfeit apps are so good, they give you a complete shopping cart experience. Everything through the congratulations, here’s your order number, it’s on its way and then you’ll never get the goods.”
But Miliefsky’s points to something even more disturbing – with super-popular emoji keyboard apps. These keyboards replace the one on your phone, giving you an endless supply of emoticons for every occasion.
But he says many can also gain access to your contacts, text messages, possibly even passwords.
Google Play told us the it scans apps “for potentially malicious code as well as spammy developer accounts” and they have a separate tool for android devices to ‘verify apps’.
Apple told us they “provide notice on all keyboard apps about the fact that these apps can have access to what you type”… except for passwords, which apple says can only be typed in using the regular keyboard.
If you desperately want those cute emoticons the expert’s advice here is, don’t install one that’s free, pick one you pay for, hopefully from a developer based here in the United States.
And if requests pop up on your iPhone where the keyboard wants to use the internet, access your contacts, or locate you through GPS, just say no.
(Anna Werner, CBS News)