Users are falling for a scam that claims to give them access to a system that would allow them to monitor other people's smartphones for $50. Except it doesn't actually exist.
Fake
software is nothing new, as scammers try to trick users into buying fake
antivirus and other security tools. Now Symantec researchers have uncovered a
scam around a fake smartphone monitoring tool.
SMS
Privato Spy is marketed as a tool that allows users to view a smartphone's
screen live, activate the microphone and eavesdrop on the microphone, view call
logs, and monitor the physical location via GPS, Peter Coogan, a security
expert at Symantec, wrote on the Security Response blog Dec. 8. SMS Privato Spy
is advertised as spyware that allows customers to secretly monitor smartphones
belonging to their spouses or co-workers. It was also announced on the text-sharing site Pastebin on Oct. 10.
"Ever
get the feeling you've been cheated? Now you can find out the truth," the
site advertising the tool claimed.
The
scammers have a slick Website advertising the software and even a YouTube video
of someone supposedly reviewing the tool. However, the video is actually for a
different piece of real software by a legitimate company, Elluma Discovery.
"Unfortunately
more than a few scammers such as Privato have embedded the video on their
advertising page to make it look like we are endorsing them. There is little we
can do about this deceptive practice. We receive many angry callers and emails
from people who have been scammed, and they think we have sold them the
software or endorsed a product, which of course we have not," Eric Robi, a
computer forensic specialist with Elluma Discovery, told Symantec.
However,
there is no such product called SMS Privato Spy, Coogan said. The operation is
just an elaborate scam to trick users out of between $50 to $125 for software
that doesn't exist.
"Scammers
will go the extra length to convince potential victims that their product and
website [are] legitimate. Always try to be vigilant when purchasing goods
online," Coogan wrote.
When
people attempt to buy the package, of which there are four versions, they are
given a "voucher pin code" from an online payment site called
PaySafe, according to Coogan. When the voucher code is redeemed on the Privato
Spy site to register and "pay" for the product, they receive a
message saying the order is being processed and will be finalized within 24
hours.
A
unique username and password would allegedly be sent to the customer, which
could then be used to log in to the "Live Console" to begin
monitoring anyone's phone, according to the Pastebin announcement.
"No
further contact is made with the victim," Symantec's Coogan wrote.
Scammers
use the voucher pin code to purchase items on other sites in a form of money
laundering, according to Symantec. Researchers found one case where the
scammers used the voucher code to purchase items in online game's Web shop,
which were then resold on an online black market to convert virtual items to
real money, Coogan said.
An
investigator with California-based Nighthawk Investigations posted a comment on
the
MassPrivateI blog maintained by a Lynn, Mass.-based attorney. The blog
claims that the scam was "perpetrated by two young men in their early
20's." MassPrivateI is speculating on the legal ramifications of the
software.
Email
Print
