A recent study has revealed that mobile users in the Middle East and Africa are particularly susceptible to installing suspicious financial mobile apps. These apps often claim to offer microlending services, which are commonly used by residents in the region who lack access to mainstream credit markets. However, these seemingly legitimate apps are actually invasive and collect personal data from users’ smartphones as collateral for any outstanding debts.
The research, conducted by cybersecurity company Kaspersky, found that these fraudulent apps request access to text messages, contacts, and photos/videos before approving a loan. Once installed, the apps can use the data collected from the smartphone to coerce the user into repaying their debt through unscrupulous means. For instance, the apps can send information and photos from the user’s gallery to all of their contacts, notifying them of the user’s debt.
Consumer privacy experts have urged users to be cautious when granting permissions to apps and to report any suspicious activity to Google. Chris Hauk, consumer privacy champion at Pixel Privacy, advises users to question why a loan app would need access to their camera, photos, or other documents on their device. He emphasizes the importance of careful consideration before granting permission to any downloaded app.
The Middle East, Turkey, and Africa (META) region rank third globally in terms of the number of installs of potentially unwanted mobile financial apps, according to Kaspersky’s research. This can be attributed to various factors specific to the region. For instance, it is an emerging technology market where mobile infrastructure plays a vital role in enabling basic needs. Many users in the region heavily rely on their mobile phones for banking, communication, and entertainment.
Another contributing factor is the lack of technology protections commonly found in other regions. While Android dominates the market share in the Middle East and Africa, some phones sold in the region may not have access to standard Google services like the Play Store. This leaves users vulnerable to less reputable app stores that are more likely to distribute malware and other unwanted apps.
Experts also point out that the challenge with mobile apps in the META region goes beyond invasive permissions and fraudulent apps. Outdated versions of apps can contain known vulnerabilities that can be exploited, and malicious versions of apps impersonating well-known brands also pose a risk. However, following best practices such as using trusted app stores, scrutinizing app permissions, and regularly updating software can be difficult for many users in the region.
There is a clear need for increased cyber fluency, awareness training, and vendor safety efforts in the META region. Experts suggest that private-sector institutions and security companies should make a concentrated effort to boost cybersecurity maturity and educate users about potential risks associated with mobile apps. Additionally, improving access to trusted app stores and implementing consistent software updates across devices would greatly enhance user security in the region.
In conclusion, the prevalence of suspicious financial mobile apps in the Middle East and Africa poses a significant risk to users’ personal data and financial well-being. The popularity of microlending services in the region, combined with limited technology protections and user awareness, contributes to the success of these fraudulent apps. It is crucial for users to be vigilant when granting app permissions and to report any suspicious activity to protect themselves from potential harm. Additionally, efforts to improve cybersecurity maturity, awareness, and vendor safety in the region are imperative to mitigate these risks effectively.