Fake Amazon app targets Black Friday shoppers

Fake/genuine

Hoards of shoppers hunting for the best Black Friday deals and perhaps not paying full attention to online safety makes this a time of year when cyber criminals are also keen to cash in on moneymaking opportunities.

Internet security company Zscaler has uncovered a widespread malware campaign whose authors are scamming large numbers of people by creating fake Android apps offering early access to Amazon's Black Friday and Cyber Monday sales.

Once installed it masquerades as a legitimate Amazon app. When launched it starts a child app that asks for admin privileges and other risky permissions including sending SMS and dialing phone numbers. This app registers itself as a service so it will stay on the device even if the original app is removed.

It has code for harvesting the user's personal data including call logs and received inbox messages, collecting sender's numbers, SMS body text, received incoming call numbers and contact names.

Zscaler warns users to, "Always install applications from legitimate app stores and websites. Be aware of the permissions asked by the application during installation. Shopping apps should not be asking for access to your contacts or SMS".

More information on the attack is available on the Zscaler blog.

Photo credit: Stuart Miles / Shutterstock

Comments are closed.

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.