Chances are you’ve either played or heard about Pokemon Go. The huge interest and success Pokemon Go has generated around the world in the last week is well known. Unfortunately cybercriminals have already noticed the hype and begun creating social media scams and Trojanized versions of the app to take advantage of Pokemon Go players, while other users have developed ways to cheat at Pokemon Go, such as spoofing GPS locations, and the official app was also hit with controversy over privacy issues related to the permissions it requests.
In light of these reports, Norton by Symantec have taken a look at the security issues surrounding Pokemon Go and how users can protect their device, such as;
- Free PokeCoin scams – the verification process requires users to fill in surveys, install applications, or sign up for services which the scammers earn money from
- Trojanized Pokemon Go apps – these gives hackers complete access to a users’ phone once downloaded
- Pokemon Go cheaters – users install a self-created trusted certificate on their phone which could be used to identify vulnerabilities in Pokemon Go’s backend API
- Permissions and privacy – the app generates a lot of data, like location profiles and movement patterns
- Mitigation – advice to ensure that users reduce the risk of these attacks
For more information, you can read Symantec’s blog here.
Tips to Stay Safe on Pokemon Go:
- Avoid downloading Pokemon Go from unofficial marketplaces, as attackers can use these sites to deliver malware disguised as legitimate apps
- Install the Pokemon Go update that removes the request for full access to Google accounts
- Stay away from game-cheating tools, as they could be fraudulent or may contain malware
- Keep your smartphone’s firmware updated to prevent vulnerabilities from being exploited
- Use strong and unique passwords for your Pokemon Go account
- Pay close attention to the permissions that apps request
- Install a suitable mobile security app, such as Norton, to protect your device and data