GST apps may be malware
Think twice before downloading third party GST apps on your smartphone for GST-related queries. Cyber experts have raised the alarm over apps that claim to assist in calculating or filing Goods and Services Tax (GST) returns.
Security agencies asserted that market is flooded with scores of apps that claim to be providing information about government schemes and initiatives, of which most of them are suspectious in nature and not safe to use.
According to the cyber experts, most of these suspectious mobile applications allegedly work for data capturing or spoofing. There is a pool of applications run by individuals that is based outside the country or may be running from unidentified location as there is no regulatory body to keep check on them.
Besides GST, fake apps on checking daily fuel price have also overflow the market. “The situation is worrying as most of the applications on government initiatives are suspicious in nature. I have scanned several apps offering GST calculation and checking daily fuel price and found only a handful of them actually useful.
Other apps may be just involved in data capturing,” said cyber security expert Kislay Choudhary, chairman of NGO Indian Cyber Army. Choudhary explained that most of the apps took permissions to access mobile gallery, phone, contact, messages, camera and GPS location which are not required.
“It cannot be ruled out that most of the apps are misusing the data accessed by them. They could sell these data or may use it for nefarious purpose like spying,” he said.
According to the experts, scamsters cash in on curiosity of people and accordingly develop an app. Post demonetisation, several financial apps popped up for download, a similar trend was witnessed for fuel price indicator and GST calculation.
Shockingly, even the dubious apps have thousands of downloads with high rating. Score of dubious apps are also active in the name of Prime Minister Narendra Modi. A simple search on the play store throws up dozens of Narendra Modi apps, some even calling themselves fake apps.
Earlier, one of the apps running on his name was found to be using a Bangladeshbased web host and email address. According to experts, the play store is also flooded with fake banking apps, which takes full access of the user’s files. “Application-making is the latest trend as there is an app for everything in market.
Many of these apps are discrete data collection tools. How much permissions an app should take from the user and what does the app do of the data gathered should be regulated and it is a key topic to be covered under privacy law,” said Mumbai-based cyber lawyer Prashant Mali, adding that only government apps should be considered safe.
Even the security agencies Cop ‘punished’ for taking on BJP men have found that online fraudsters are creating fake government websites carrying the name and picture of prominent leaders and then circulating the malicious links on social media platforms.
Central government’s ambitious DigiLocker app also faced duplicity issue as fake mobile apps claiming to be the real one flooded the Google Play Store.
This is particularly dangerous because personal information is at risk of being stolen by cyber criminals in case someone uses these fake apps. These fake apps function like regular government portals as once the user enter the site, they have to complete regular formalities. According to experts, one should be cautious in sharing information online, especially for those trending apps.