Fortnite scammers spread fake apps on the web
Fortnite, the sandbox video game, has become so popular that Epic Games, is providing $100 to $300 million to supply prize money for eSports tournaments. What it hasn't done is release an android version and scammers are releasing fake versions to unsuspecting victims. The numerous fake Fortnite Android apps spreading around the web, looking to entice desperate mobile gamers hungry for a version they can play on their Galaxy devices since the game has not been officially released for Android, these have been quite successful. Google searches for "Fortnite for Android" is one of the first auto-fill suggestions for search terms, indicating its popularity. All too often these searches go to scam sites.
Fortnite is a free online multiplayer, role-playing game where gamers can buy skins to become different characters and species, along with armor and other items. They can also build structures and do battle and generally live a life within the Fortnite world. It doesn't take itself too seriously, either, it has a cartoon look and has a disco bomb that makes opposing warriors break into dance. It is fun and has attracted 125 million active players for its most popular mode, "Battle Royale."
Recently, scammers have increased tricking Fortnite enthusiasts, releasing YouTube videos with links to get versions of the game. Once a fkae version is installed, it asks for more downloads, one after another and the scammers make a commission on each download. These scam apps can also spread malware. Epic Games is close to releasing a version of its popular online game Fortnite for Android users. Unfortunately, many people just can't wait and are hunting for early access versions and criminals are happy to oblige, with malware.
The root problem is not fake Fortnite apps, but the existence of malicious apps in general. In frenzy, an individual downloading what looks to be an app via a mobile browser instead of an official app store. This opens up a host of potential vulnerabilities, and with the increasing use of smartphones for both business and pleasure, sometimes without any formal security management controls, it has the potential to be vector for an enterprise breach.
Another problem is that Android phones are at high risk since most of them are not up-to-date. Most Android users are on the 6.0 Marshmallow version, which is several versions behind, and less than 1 percent of users are running the newest 8.1 Oreo version. There are other Fortnite related dangers too, Fortnite accounts have also become lucrative targets for hacking. Hacking gaming accounts is as interesting as other cloud services like Office365, Salesforce and Dropbox. Accounts that were taken over either by phishing or weak passwords can bring in substantial profit. Especially for gaming hackers who are usually more interested in in game resources than actual funds. Hackers are always looking for ways like phishing and social engineering to take over accounts and monetize from other scams, such as free in game money. Fortnite developers are trying to educate players against risk in such scams, you can only buy VBucks through the in game store. But some users will still click and fall for the promise of free gifts eventually, and preventive measures should be taken as well against phishing and malicious apps on your phone.
Fortnite is a phenomenon, so it is attracting cybercriminals. Scams targeting unsuspecting gamers range from selling fake vBucks to presenting malicious app downloads. Users must always be cautious when trusting third party apps, whether they are browser plug-ins, Facebook quizzes or mobile phone apps. Malware and privacy concerns require constant vigilance. Consumers aren't the only ones at risk, any enterprise that allows employees to connect their own Android phones to the corporate network is also at risk. To reduce the risk of infection on Android, make sure to update to the latest version, lock your phone to only allow downloads from Google Play and avoid apps that have very few reviews. Fortnite isn't the first popular game targeted by criminals. In 2016, Pokemon GO app went through a similar cycle, with fake versions of the app spreading nasty malware like DroidJack, a remote-access tool.