Rogue app in Windows Phone Store stole customer data before being pulled

Getting phished online is one of the worst things that can happen. You unknowingly give up your personal information and login credentials to an unsavory party. It also recently happened in the Windows Phone Store to customers of Telfort, a telecommunication company in the Netherlands. The app has since been pulled, but serves as a reminder to think twice before downloading an app.

An unofficial app in the Windows Phone Store masquerading as an app for Telfort, a subsidiary of KPN, was pulled after leaking personal data from customers. Telfort shut down a portion of their site last week after it had learned that over a thousand passwords and phone numbers had been posted online. The section of the website that was shut down was the My Telfort page, which allowed customers to check their account and make changes. The move to shut down a portion of their site was preventative until they could figure out what was going on.

It later opened the My Telfort page after learning that it wasn’t a security breach in their network, but a rogue app collecting data from customers. The app had the official Telfort logo and asked customers for their login information so that they could check their account. The app has since been pulled from the Windows Phone Store.

Odds are you’ll never get phished in the Windows Phone Store if you’re savvy enough to be reading a site like Windows Phone Central. However, we’re all in the minority since we’re tech enthusiasts. Average users can easily be tricked into downloading an app that looks official and unknowingly give up their information.

Let this be a reminder to think twice before downloading an app that doesn’t look legit. Check who the developer is and what apps they’ve also worked on. Look at reviews already in the Windows Phone Store. Ask the community if the app looks like the real deal. There’s no perfect strategy to avoid getting phished and hacked, but the best strategy is to just use common sense.

Source: KPN, Via: ZDNet

Sam Sabri