Over the last couple of months, the country-wide quarantine has caused a spike in mobile application use, with consumers ordering the delivery of everything from groceries to automobiles. In fact, shopping app downloads hit 14.4 million in the US during the week of March 29 – April 4, 2020 (up 20% from the weekly average for January 2020). However, as more people have utilized these convenient tools, there has been a concurrent rise in cybercrime. According to the Federal Trade Commission, Americans have lost $13.4 million to coronavirus-related fraud since the beginning of the year.
While using a marketplace app on your phone may feel safer than manually inputting your credit card number on a website, there are still many threats to consider as fraudsters are shifting their tactics to take advantage of the recent rise in app-based purchases. To protect yourself against these risk-factors and minimize your chances of becoming a victim of identity theft, follow these three guidelines when using marketplace platforms:
#1 – Protect your phone number
Given that most mobile apps use your phone number to enable the log-in process, fraudsters are well-equipped to find and use disabled phone numbers to access platforms that may host payment information, PII, and other valuable data.
Any account where you accept or transfer money can be particularly vulnerable, as hackers can use your prior phone number to log in and quickly drain your account if an old number is still linked to an active app. It’s recommended that you audit and update all log-in information whenever your mobile carrier is changed to make sure there are no past numbers associated with current personal information.
#2 – Use authenticator apps for 2-factor authentication
Many security experts recommend using 2-factor authentication for online services, a process that requires you to not only enter a password, but also verify your identity on a device you physically possess, usually a mobile phone. However, when using your phone number for 2-factor authentication, it’s easy to get locked out of your accounts should your number change or be taken over by a bad actor. When that happens anyone who may be assigned your number next could gain access to your personal information. Authenticator apps minimize this risk by requiring you to enter a code they provide and are usually tied to a specific device. This makes it less likely that a cybercriminal, or the next person assigned your digits, can gain access to your personal information with just a phone number.
Authenticator apps also provide an added layer of protection if a bad actor succeeds in socially engineering their way into your mobile provider. When this happens, the hacker can have a new SIM issued to them, effectively giving them total control over any apps that you’ve accessed on your mobile device. While there are obvious monetary consequences to this, these fraudsters could also manipulate your personal and professional social media accounts – creating a wake of damage to your reputation or that of the company where you work.
#3 – Use caution with digital money transfers
In today’s world, face-to-face interaction has taken a backseat as people work to minimize contact with those outside their own home. This has led to a surge of transactions taking place over mobile payment apps. From Venmo and PayPal, to Xoom and Apple Cash, the options are endless. But money is hard to recover if you send it to the wrong person. Only use digital money transfers with people and vendors you know and trust. This also means taking the extra time to research who you are transacting with if you are not able to meet them face to face first.
Trusting online reviews (which are notoriously unreliable) or failing to use multiple methods to verify your contacts are easy ways to effectively place money in the hands of cybercriminals. Once the money is transferred, there is no way to get it back, unlike protected transactions that use a debit or credit card. Proceed with extreme caution when using mobile payment apps, and try to only send money to trusted family and friends.
While technology currently allows us to chat, share, and purchase nearly anything with the tips of our fingers, it also opens us up to potential risk. As more people utilize these convenient methods of shopping and sending money, cybercriminals are increasingly taking advantage of the inherent weaknesses in these systems. Keeping track of your accounts, protecting your number, and being aware of who and where you’re sending money can help ensure a safer mobile marketplace experience.