Successful cybercriminals are amateur psychologists who know that exploiting human frailties is more profitable than cutting-edge malware. So in 2014, Symantec predicts predators will take advantage of the innocence of smartphone users who tend to place too much trust in their devices and apps.
How tricksters win
The anti-virus vendor's crystal ball says seedy app developers will be the source of hoaxes, cons and scams that extract cash from the gullible. Rather than try to get malicious code past Google Play's scanners or Apple's vetting machine, conmen will build apps that trick naive people into handing over personal information.
Symantec discovered such an app this month. Called InstLike, the app had between 100,000 and 500,000 installs from Google Play and was ranked 145 among the top-grossing iOS apps on Apple's App Store, beating out popular games like Temple Run 2. InstLike was eventually removed from both stores, but not before the developers gathered at least 10s of thousands of usernames and passwords for people's Instagram accounts.
Here's how the hoax worked. The app developers played on people's desire to be popular by promising likes and followers for free. Of course, nothing is free and the service required users to provide their Instagram login credentials. A legitimate app would have used Instagram's application programming interface to access accounts after receiving permission from the accountholders.
People who joined the service essentially gave the developers control over what they liked and who they followed on the photo-sharing and social network. The tricksters made money by selling Instagram likes and followers to businesses and individuals.
Instagram, which has more than 150 million users, is especially appealing to people between the ages of 18 to 29, a demographic more likely to be lured into signing up for a service that promises instant popularity. InstLike did its homework.
The social media goldmine
People are showing signs of Facebook fatigue and a significant number of teens and young adults are spending less time on the social network. This doesn't mean these jaded users are becoming less social. Rather, they're seeking out startups and niche sites that are more fun.
Swindlers are sure to follow with mobile apps that will prey on people's innocence, carelessness and outright stupidity. While there's lots of software to defend against malware, protecting people from themselves is a lot more difficult.