"Predatory Loan Apps Found Targeting Victims in Google Play and Apple App Store"
Researchers at the cybersecurity company Lookout discovered over 300 loan apps in both Google Play and the Apple App Store exhibiting predatory behavior, such as exfiltrating sensitive user data and harassing borrowers for payment. The apps, which can be found in Africa, Southeast Asia, India, Colombia, and Mexico, claim to provide quick, fully digital loan approvals with reasonable loan terms. However, the apps take advantage of potential victims' desire for quick cash to entice them into predatory loan contracts. Borrowers must grant access to sensitive information on their devices, such as contacts, phone history, and SMS messages, in order to obtain a loan through the apps. In addition to gaining access to data that would be unnecessary for a valid loan application process, many predatory loan operators have been described as engaging in "scam-like" behavior. Victims of the apps reported that the loans had hidden fees, high interest rates, and repayment terms that were far less favorable than what was advertised on the app stores. Lookout Threat Lab researchers also discovered evidence that data exfiltrated from devices is sometimes used to put customer pressure on repayment. Although the researchers do not use the term "extortion," those behind the apps often threaten to reveal a borrower's debt or other personal information to their network of contacts if the inflated loan payments are not made. Of the apps discovered, 251 were Android apps listed in Google Play, and 35 were found in the Apple App Store. The apps that were listed for iOS users were among the top 100 finance apps in regional app stores, indicating that Apple was unintentionally promoting them. This article continues to discuss the malicious loan apps found in Google Play and the Apple App Store.