When it comes to Pokemon Go, “if you wanna be the very best, like no one ever was, to catch Pokemon WAS your real test, but NOW to avoid scammers is your cause!”
Picking up on the popularity that is flooding the smartphones of consumers by storm, scammers are now taking advantage of these players’ vulnerability to “catch em’ all”. Enticing users with promises of coins and special features which could lead to intrusive malware, scammers are jeopardizing the safety of consumer’s personal and financial information.
In the past few months, North American users have been hit with thousands of SMiShing attacks, reported Adaptive Mobiles, an Irish mobile security firm. The scam texts promote a copy-cat site called pokemonpromo.com (which has since been taken offline), and claims to give users additional features if they refer 10 of their friends, which would continue the malware download cycle.
However, this is only one of a number of sites who are playing the same malware game. A number of scammers have also created a bunk version of the app that allows them to take control of the user’s phone. A number of users have been targeted through email as well.
In a report by the Better Business Bureau and Variety Magazine, “Users are advised that they have to upgrade to a paid version that will cost $12.99 per month. […] Your account will be frozen in 24 hours if you do not upgrade.”
We’re hoping that as the intrigue for the app dies down, scammers will back off on their schemes as well. Until then, here are a few tips from the BBB to help you catch em’ all before you get caught up in a scam:
- Be wary of unexpected emails that contain links or attachments. Do not click on links or open files in unfamiliar emails.
- Check the reply email address. One easy way to spot an email scam is to look at the reply email. The address should be on a company domain, such as firstname.lastname@example.org.
- Don’t believe what you see. Just because an email looks real, doesn’t mean it is. Scammers can fake anything from a company logo to the “Sent” email address.
- Consider how the organization normally contacts you. If an organization normally reaches you by mail, be suspicious if you suddenly start receiving emails or text messages without ever opting-in to the new communications.
- Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Be especially wary of messages you have not subscribed to or companies you have never done business with in the past.