Fake oximeter apps latest in Covid cyber con

MANGALURU: Cybercriminals have been busy during the pandemic, exploiting the fear and worry among people with Covid-themed malicious apps, phishing campaigns, malware and more. The latest trick in the book is a fake app that claims to detect the blood oxygen level. Some of these claim to read oxygen levels with the phone light and camera while others seek a fingerprint.


Doctors have been stressing on early referrals to avoid complications caused by low oxygen saturation levels and some people are falling prey to newly developed fake apps which they mistakenly think is a cheaper option, said Ananth Prabhu G, cyber law and security trainer, and professor at Sahyadri College of Engineering and Management.

“The lastest app could be another attempt by cybercriminals. While there are safe oximeter apps too, we are noticing a rise in the development of fake apps exclusively to steal data. Biometric data such as fingerprints that are used for e-wallet transactions and as an alternative to passwords and screen lock, could be misused. There is also the threat of personal photos and data being stolen as it asks for storage and gallery permissions during installation. Such apps can also read the SMS inbox that has bank account transaction alerts,” Prabhu said.

Users, he stressed, should verify the developer, ratings, reviews, bugs and total downloads before installing an app.

Sanjay Kaushik, managing director of Netrika Consulting India Pvt Ltd, said people are tempted to download these apps which they think is a quick and zero-cost option. “Fraudsters can fool in name of reading oxygen levels and easily misuse or steal our fingerprints and personal data that can be dangerous. However, this not to say mobile-based options should be brushed out completely,” he said.

McAfee researchers found it typical of such con campaigns to use pandemic-related subjects like testing, treatment, cure and remote working to lure targets into clicking on a malicious link, downloading a file, or viewing a PDF.

“Cybercriminals are exploiting the prevailing atmosphere of fear to target online users with malicious links and applications aimed at stealing personal information or even biometric data like fingerprints. Though app stores have proceses for checking the authenticity of apps, there are ways in which malicious apps could still get through. We need to be vigilant about what apps we use and what permission we grant them...” said Ritesh Chopra, director, sales and field marketing for India & SAARC countries, NortonLifeLock.