FaceApp Scams Emerge Due to Heightened Popularity (Jul 19, 2019)
The popularity around the FaceApp application has attracted scammers who want to make some quick profits, according to ESET researchers. Scammers have been using a fake “PRO” version of the application as bait and have made an effort to spread the word about this fictitious version of the currently-viral app. The FaceApp application, which offers various face-modifying filters, is available for both Android and iOS. While the app itself is free, some features, marked as “PRO”, are paid. One form of the scam uses a fake website that claims to offer a premium version of FaceApp. The second type of scam includes YouTube videos again promoting download links for a “Pro” version. The scammers trick their victims into clicking through offers for installing other paid apps and subscriptions, ads, and surveys. Victims also receive requests from various websites to allow displaying notifications. When enabled, these notifications lead to further fraudulent offers. One of the fraudulent YouTube videos had over 150,000 views, as of this writing.
Recommendation: Mobile applications should only be downloaded from official locations such as the Google Play Store and the Apple App Store. Websites and documents that request additional software is needed in order to access, or properly view content should be properly avoided. Additionally, mobile security applications provided from trusted vendors are recommended.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.