Another large wave of spam has been hitting Google Drive users over the past few weeks. You might have noticed it either through an email in your Gmail inbox or a notification on your phone — or both — saying that an unknown email address mentioned you in a document. The comment includes a URL that you should absolutely not click. This is not the first time spammers have abused Drive, Calendar, or even Photos, and it likely won't be the last. Google's steps to remedy the different situations have been nothing but a band-aid over a bleeding, gaping hole.
This story was originally published and last updated .
Amid an economy-crushing pandemic, AT&T decided that now was a good time to send a scaremongering email to many of its customers, claiming that their phone "is not compatible with the new network and you need to replace it to continue receiving service." The email conveniently omits that this message is regarding a change that won't take place until February 2022, providing only a link that later calls out this change linked to the decommissioning of AT&T's legacy 3G network.
Google is right to be proud of how well it keeps a vast majority of malware and scams out of the Play Store, but there is one particular kind of misleading applications that the company has trouble dealing with. So-called fleeceware apps are overcharging customers for basic functionality, but still deliver what they promise, which technically doesn't make them scams in Google's book. Some people end up with $300+ bills for an image search app that just redirects to Google Images, which is certainly not a genuine way of making money. Google has to step up its game to tackle these kinds of unethical apps.
With recent scam apps incidents in mind, it might look like Google isn't very good at keeping malware and fraud out of the Play Store, but the company is hard at work to allow as little in as possible. It has shared today that thanks to security advancements, it could keep more than 790,000 policy-violating apps from entering the Play Store, and has also prevented more than 1.9 billion malware installs from sources outside of its distribution platform in 2019.
Google isn't good at keepingmalware out of the Play Store. Even though the company has announced an App Defense Alliance to strengthen its Play Protect Scanner, a few scam apps have once again managed to slip through and are ripping off unsuspecting UK Android users. Some of the applications are currently among the top free apps on the UK Play Store and promise movie streaming at no cost, but sign up users for a subscription service via their phone bill.
In June, we discovered that spammers and scammers found a new way to distribute their unwarranted information via Google Calendar by exploiting a default setting in Gmail which automatically invites email recipients to events. Now, Google is finally ready to step in. The company today announced that it's working on resolving the issue, but isn't ready to share any details just yet.
For as long as Google Maps (and other digital mapping services) have existed, there have been fake listings. The most notable example was a scam where a centralized operation would mass-produce fake locksmith listings advertising low rates, then jacking up prices as poor sods left out of house or car get desperate. These days, the directory battlefield has expanded across different high-cost industries with devastating tactics deployed against businesses and the public while placing livelihoods on the line.
We've all received a spam email telling us we've won millions of dollars or need to reset our online banking password. Although these are widespread, most messaging platforms and even browsers have learned to recognize them for our protection. Because of this, attackers are finding more sophisticated means to be more attractive: Besides using Google Docs to trick users, scammers have turned to Google Calendar and are relying on its automatic event creation setting to take advantage of people.
With over two million applications in the Play Store, there are bound to be a few bad apples here and there. However, the creatively named "QR Code Reader-Barcode scanner & QR Code Scanner" might be one of the absolute worst apps in the entire marketplace. At over one million installs, there's a lot of dirty money in play if even a small fraction of people were defrauded out of roughly $100 each.
I'm not a gamer, but even I knew that Call of Duty coming to mobile is big news. Big enough to have people trying to find ways to play it even before it's officially released, and scammers using the opportunity to prey on those who aren't knowledgeable or perceptive enough. And today we have the first signs of the latter: a scam listing for Call of Duty: Mobile has surfaced on the Play Store and it costs a — hold your breath — whopping $32.