Avast researchers find apparent Android app scam

Jeff Elder 15 Jul 2019

Phone-number tracking app gives fake results in tests, as users point out in comments

Avast’s head of mobile threats is warning Android customers that an app claiming to identify who owns phone numbers appears to be a subscription scam. 

Nikolaos Chrysaidos noted issues related to the app Number Finder on Twitter on Thursday after running tests that showed the app falsely claimed to have information that would be revealed to subscribers. 

“Subscription scams have been trending for a while now in both app stores – Google and Apple,” Chrysaidos added. “Users should be careful using apps that require a subscription to use the basic functionality.” He said consumers should also be skeptical of apps with high monthly subscription rates.

Number Finder, published by developer POZTechnology, is a popular mobile application that claims to reveal the identities of unknown callers. It has been downloaded more than one million times, while the collective downloads of applications published by the developer are more than 11 million.

The app offers users two options: a monthly subscription for which payment information is required up front; or the option to search a number. The app then claims to match that number to an individual – if the user starts a subscription. 

If the user enters a number to test this, whether valid or fake, Number Finder displays the same message claiming one person is linked to that number. This appears to be a dishonest attempt to convince the user to subscribe to the service to find out whose number it is. 

Avast entered multiple phone numbers that are not in service, yet Number Finder always returned the same result, “This number is identified by 1 people. Get a free-started subscription to see all results unlimitedly.” IMG_5047

Reviews say Number Finder subsequently fails to match a number with a caller ID once users have subscribed to the service, despite its claims to the contrary. The app has no other functionality to offer subscribers.

Avast has escalated the issue to Google’s anti-malware team. 

To avoid falling victim to scams such as this, Avast recommends that users always check the reviews and ratings of applications on both Google Play and Apple’s App Store before downloading them.

Get more guidance from Chrysaidos on why Android users must remain vigilant about malicious apps in an interview on The Avast Blog. 

Distribution (promotion) of the app seems to also be happening from Youtube Ads, according to a user review. 

Screen Shot 2019-07-14 at 6.45.59 AM

--> -->