All about Caixa Econômica Federal
A survey carried out by the dfndr lab, the laboratory of the company specializing in cybersecurity at PSafe, found 49 unofficial applications from Caixa that add up to more than 5 million downloads in the Google Play store. A check showed that everyone has purely informational purposes – with rights to registration tutorials and tips on how to check if your name is dirty -, but the amount of transfers raises the alert about possible fraud.
- Google Play will require apps to tell you how your data is used
- House approves bill that criminalizes mass shooting of fake news in apps
- Play Store finally begins to close in on apps with misleading titles
“It is a common practice for cybercriminals to create applications that misuse the names of other services to attract the public,” explains Emilio Simoni, director of the dfndr lab. According to him, people who download unofficial apps can be tricked into sharing personal data – which increases the chances of falling victim to various scams.
“Although, at the moment, these apps do not show malicious behavior, there are chances of having their characteristics modified through an update and present risks to the user’s data”, warns the expert. In the case of Caixa applications, all of them have their developer identified as “Caixa Econômica Federal” and bring the e-mail [email protected] in their descriptions.
PSafe offers some tips to protect against potentially malicious apps:
- Use security software that detects malware (such as dfnr security, offered by the company);
- Download apps through official government sources and official banking services websites;
- Never provide personal data on links or applications of doubtful origin (when in doubt, always be suspicious);
- Check the app developer, read user reviews, and be wary of insufficient information to find out if an app is reliable.
Simoni explains that such behavior happened when the Brazilian government announced Emergency Aid, which brought up 250 fake or unofficial apps. “Many of them, after gathering millions of downloads, had their characteristics modified and became means for data theft”, he explains.