FAKE POKEMON GO SOCIAL MEDIA PAGES DELIVER ADWARE MALWARE AND MORE
Pokemon Go players have been warned to watch out for fake social media pages delivering adware and malware. The game – which celebrated its 500 millionth download and was announced for Apple Watch this week – is wildly popular, and cyber criminals are looking to take advantage.
Security researchers from Proofpoint have identified 543 social media accounts associated with Pokemon Go across Facebook, Twitter and Tumblr.
Of these, more than 30 per cent were found to be fraudulent, trying to infect users with adware or malware or scamming them out of their money or data.
The researchers discovered 167 fake accounts, including 44 that had links to download files they claimed were guides or the game itself.
Meanwhile, 79 were impostor accounts and 21 promised “free giveaways” – a type of scam commonly reported on social networks by security experts.
“It’s important to note that while we have seen at least three malicious versions of Pokemon Go, social media is also driving users to install Android APKs, which happen to be malware,” Proofpoint said in a blog post explaining the threat.
“Power ups, guides and walkthroughs are all common and easy ways to draw users’ attention as these are compelling tools that help players in the game.”
The researchers said the 167 fraudulent accounts were just “the tip of the iceberg” when it comes to Pokemon Go scams on the internet and mobile app stores.
And these are just the latest threats to virtual Pokemon hunters. Before the game officially launched in the UK, cyber criminals attempted to trick users into installing modified, malicious versions of the game on their devices.
More recently, hackers tried to fool their victims into installing ransomware disguised as a PC version of the game – despite Pokemon Go being mobile-only.