Two apps are cited as being found in the Apple App store. Fitness Balance and Calories Tracker.
There may be more. The tactic employed informs the user to press and hold the Touch ID with the user's finger to identify the user via fingerprint to "unlock" features of the app. The app then uses an in-app payment request to charge the user. Since the fingerprint scanner "pre-scans" the payment request is approved.
In a similar scam, a game lights up buttons on screen for the user to rapidly touch the flashing button. One of those buttons is an in-app purchase and approve button.
No comments:
Post a Comment