With FaceApp gaining in popularity, scammers have found a new way to monetize ads by using a fake “Pro” version to lure users who are looking to download the popular app. Researchers have discovered two primary methods that scammers are using to attract potential victims. The first method is by using a website that offers the premium version for free. In reality, the scammers trick users into clicking through countless offers for other paid apps, surveys, subscriptions and ads. The malicious app will also ask the victim’s permission to enable notifications that will lead to other fraudulent offers. During testing, researchers tried downloading the “Pro” version and only ended up with the free version of FaceApp. The second method used by scammers is through the use of fake YouTube videos that promote download links for the free “Pro” version of FaceApp. The shortened download link redirects users to install other apps before they are ultimately taken to the free version. The shortened links not only are used to deliver malicious ads but have the potential to install malware on the device with a single click.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is