All kinds of apps, that is, mobile applications, are gradually becoming a "necessity" in our daily life. We are usually also relieved to download some official apps. But be careful now, there are also fakes in the APP. In order to obtain improper benefits, criminals counterfeit some genuine APPs and launch "Li Ghost" APP to trick users into downloading, installing, and using. These counterfeit APPs are very similar to genuine APPs, and the icons and texts are almost identical, which is very confusing, and many people have been tricked. Once such a counterfeit APP is downloaded, it is easy to cause information leakage, property damage and other consequences.
Ms. Yan, who lives in Xiaochang County, Xiaogan, Hubei Province, happened to see a collectibles auction website on the Internet. It just so happened that she had a collection that she wanted to sell, and with the mentality of giving it a try, Ms. Yan left her phone number on the website. A few minutes later, a person claiming to be the auction company's customer service contacted her and instructed her to download an app called "Jianwu" through a web link, claiming that it was the official app of a well-known auction company in Hong Kong.
Subsequently, the customer service staff asked Ms. Yan to register an account on this "appreciation" APP, and asked her to deposit 10 yuan and then withdraw money. Ms. Yan's operation went smoothly, so she trusted the customer service even more, so she sent photos of the collection. A few days later, the customer service agent told Ms. Yan that her collection had been auctioned for 2.8 million yuan and that the buyer had paid a deposit of 1 million yuan.
Party Ms. Yan: I saw that the deposit had been transferred to my appraisal APP account, and the customer service said that it could not be withdrawn, and a deposit of 20,000 yuan had to be paid, which means that I have made 20,000 yuan now, and the family will become rich, and 1.02 million yuan can be withdrawn from it.
Seeing that the caller ID showed Hong Kong, Ms. Yan believed the other party's words and transferred 20,000 yuan into the APP's account. But when she planned to withdraw the 1 million yuan, she found that it was impossible to operate at all.
Client Ms. Yan: He yelled at me, saying that you had committed a foul, and you put the 20,000 yuan in it, until the thing was given to the buyer, and the 20,000 yuan could not be withdrawn, and he asked me to make up 20,000 yuan.
Under the continuous deception of the other party, Ms. Yan successively deposited 47,000 yuan into the APP account. Although the money passed, the more Ms. Yan thought about it, the more wrong she became, and she suddenly realized that she might have been deceived, so she hurried to the public security organ to report the case. After police verification, the APP downloaded by Ms. Yan was a counterfeit collection identification APP.
Yi Shuihan, a first-class police officer of the Criminal Investigation Brigade of the Xiaochang County Public Security Bureau, Xiaogan City, Hubei Province: The website pushes an APP called 'Jianwu' that has been written by the fraud gang itself and has not been recorded, and the members of the fraud gang act as software customer service to provide virtual qualifications for buying and selling.
It turned out that the "appreciation" APP downloaded by Ms. Yan was a counterfeit APP of a well-known auction company in Hong Kong, which belonged to the targeted fraud of criminals, and the download of this APP could only be downloaded from the website link, and it could not be searched in the regular mobile phone application market.
Ms. Yan's case is not unique. The reporter's investigation found that in recent years, there have been many fraud cases caused by counterfeit apps, involving various types such as false investment, financial management, online loans, swiping orders, gambling, and dating. Data from 2022 shows that fake app fraud accounts for 60% of telecom network fraud cases. Among them, many of the counterfeit apps involved in the case were downloaded through various web links.
The reporter combed and found that most counterfeit APPs are disseminated and downloaded through web links or social software, but there are also some counterfeit APPs that are spread through the official mobile phone application store, which is more confusing.
Zhang Ermeng, police officer of the Investigation and Strike Department of the Economic Development District Bureau of the Wuhu Public Security Bureau of Anhui Province: Based on our trust in the app store, we believe that downloading these APPs is firmly believed to be regular and will not be deceived.
Mr. Sheng from Wuhu, Anhui Province, often needs working capital to do business, and he has been careful when choosing loan software for fear of being scammed. This time, Mr. Sheng downloaded a loan software called "Borrow Now" from the official app store of a brand's mobile phone. However, what he didn't expect was that not only did he not get a loan, but he was cheated of 6,000 yuan.
Mr. Sheng: At that time, after entering the card number, the amount was more than 10,000 yuan, and the card number was filled in, and he said that he would reply and call it directly to the card, and then replied that the card was frozen, and I said how could it be frozen? He said that the card number was wrong, and I said how to get the money out? He said that you have to unfreeze.
If you want to unfreeze, the other party said that you have to pay 6,000 yuan first, and Mr. Sheng confirmed that the download of this APP came from the official platform of the mobile phone, and then entered 6,000 yuan to unfreeze according to the other party's requirements.
Zhang Ermeng, police officer of the Investigation and Strike Department of the Economic Development District Bureau of the Wuhu Public Security Bureau of Anhui Province: Step by step, and then the other party continued to ask him to transfer money, and then the victim realized that he had been deceived. When he took out a loan in the loan product, he first searched in the app store and found a loan product, but after clicking in, he downloaded another loan product.
However, why did the legitimate software downloaded from the official app store of the mobile phone become fraudulent software? It turned out that when responding to the audit, the criminal gang provided the auditor with a normal APP. After passing the review, when the user downloads it, it will jump to the fraudulent APP.
Gao Yang, second-level supervisor of police technology of the Investigation and Strike Department of the Economic Development District Bureau of the Public Security Bureau of Wuhu City, Anhui Province: The loan products that provide review are all formal loan products, and they look very formal step by step after clicking, so that the auditor will pass and feel that this APP is normal and can be listed on the official app store. However, after ordinary users log in, they will download new apps, and the new apps are scam apps.
Not only that, according to experts, with the escalation of technological confrontation, the fraud methods and tricks of criminals are also constantly being renovated.
Li Kun, technical expert of the anti-fraud work team of the Ministry of Industry and Information Technology: This is a relatively new means, after it is put on the shelves, it can be updated and replaced through some dynamic loading and repair patches or directly the background of the built-in web page, and finally a seemingly regular APP is directly replaced with a fraudulent APP, we generally call it the "hot update" of the APP, which is the so-called "vest" APP.
The reporter learned that in addition to some life and financial APPs being counterfeited, government affairs APPs have also become the target of counterfeiting by criminals. At present, it is the peak period of individual income tax declaration. Since October last year, many individual industrial and commercial households in Taizhou, Zhejiang Province, have received calls from self-proclaimed "tax officers", asking them to use their mobile phones to download an app called "Tax Annual Report" to review their tax annual reports, and charge about 300 yuan for the audit. After police verification, this APP is also a counterfeit APP.
Through investigation, the police cracked the counterfeit APP fraud case and arrested 61 suspects, with a total amount of millions of yuan. This kind of counterfeit government APP not only deceives more people in the name of "government affairs", but also damages the credibility of government departments, causing greater harm.
Experts took the counterfeit individual income tax declaration APP found in the monitoring as an example to show reporters the trickiness behind this kind of illegal software. Experts pointed out that most of these fake apps are just imitations of the shell of genuine apps, and many of the content interfaces in them are just cobbled together with screenshots of genuine software. The purpose is, first of all, to obtain the personal information of the operator. After obtaining the key information such as the ID number filled in by the user, the controller behind the counterfeit APP can carry out more accurate fraud activities based on these personal information, and even directly obtain the victim's account and password. So, where does all this stolen personal information go?
The technician used the simulator to further track down the IP addresses of the backend servers of the two apps. The comparison found that the formal APP server was deployed in Beijing, while the information collected by the counterfeit APP flowed overseas. Fraudsters deploy servers outside the country in order to evade supervision and crackdown by relevant authorities.
Fang Yu, member of the Digital Economy and Security Working Group of the Security Professional Committee of the China Computer Federation: These fraudulent apps often change their names and icons, and jump to the service background many times after entering, making it more difficult to monitor and detect them in a timely manner. With the continuous iteration of technical means, fraudsters use tools to generate fraud-related APPs in batches, and a skilled black industry chain has been formed.
In response to the problems and chaos of mobile applications, the relevant departments have been stepping up supervision and improving supervision. The Internet Information Department in the two-month "Rectification of Information Content of Qinglang Life Service Platform" In the special action, a total of more than 7.9 million pieces of illegal and negative information have been cleaned up, more than 1.7 million accounts have been disposed of, 562 websites have been closed, and 201 applications have been removed from the shelves; the Ministry of Industry and Information Technology's anti-fraud work team, in conjunction with relevant departments, has carried out pilot work on anti-fraud electronic identification of APPs, and from September 2023 to the present, a total of about 17,000 counterfeit APPs have been monitored and discovered; at present, the pilot work of the Ministry of Industry and Information Technology's anti-fraud electronic identification is expanding from the prevention and control of financial APPs to government affairs APPs, further strengthening the research and judgment coverage of fraud-related APPs.
In order to further strengthen supervision, the Ministry of Industry and Information Technology (MIIT) issued the Notice on Carrying out the Filing of Mobile Internet Applications in August 2023, requiring APP hosts engaged in Internet information services in China to perform filing procedures in accordance with relevant regulations, and those who fail to perform the filing procedures shall not engage in APP Internet information services. From April to June this year, the telecommunications authorities organized supervision and inspection of the filing of APPs, and disposed of APPs that still failed to perform the filing formalities in accordance with the law.
Fang Yu, member of the Digital Economy and Security Working Group of the Security Professional Committee of the China Computer Federation: In the next step, in response to the discovery of fraudulent apps, it is necessary to continue to develop more intelligent and efficient security detection tools and establish a blacklist database of fraudulent APPs. In addition, combined with some new and intelligent technical means, operators can detect fraudulent traffic in a timely manner through network traffic analysis, and further strengthen linkage, timely information sharing, and timely blocking through public security, cyberspace, finance, market supervision and other departments.
It is necessary to strengthen the linkage of departments, rely on policies and legal means, strengthen governance at the source, consolidate the responsibility of the platform, cut off the chain of interests, and create a safer, cleaner and more upright network environment. At the same time, as consumers, we should also be cautious when downloading apps, do not click on links that do not have a clear safety source, and do not scan QR codes from unknown sources. Once you find that there is an abnormality in the downloaded APP, or the relevant page or mobile phone prompts that there is a risk of fraud, you must be cautious and call the anti-fraud number for consultation. (CCTV News)