There are so many ways that scammers try to separate you from your hard earned cash. And when you are dealing with some things that might be second nature to some but seem foreign to others, the potential for those in the latter group to get ripped off is huge. So that brings us to a report from CSIS Security Group about an app in the Google Play Store called "Updates for Samsung." The description of this unofficial app says that it "can now download any Android update, for any device or region, ever released." In addition, it provides Android news and tutorials, and other paid services.
Yes, if you register you can get firmware updates for free, but at a snail's pace (56Kbps). As pointed out in the report, at this speed the typical firmware update (approximately 700MB) would take over four hours to load. The update typically times out before reaching the end, motivating the user to move on to the next tier of service with a faster download speed. Eventually, the user is sufficiently harried enough to pay $34.99 for a one-year premium subscription (which we sarcastically note is a "tremendous discount" from the listed price of $239.99). And for $19.99, the app says that will SIM unlock your phone; it is unclear whether that service is actually provided after payment is made. The credit card information does not get rung up on the Google Play platform. Instead, it gets transferred to a website affiliated with the app called Updato.com thus violating Google's regulations.
Many of our readers are probably aware that they can access the latest firmware update for their Samsung phone directly from the handset. Samsung says to go to Settings > About phone > Software update.
Now, are you sitting down? The app has been installed over 10 million times and we would imagine that quite a bit of money has been collected from unsuspecting consumers. CSIS malware analyst Aleksejs Kuprins says that he has contacted Google about having the app removed from the Google Play Store. While it might not be considered malware, the only reason why this app exists is to get unsuspecting consumers to pay for something that they can get for free.
Don't pay for something that you can get for free directly from your phone
On the other hand, as Kurins notes, those of us who know how to load updates on our phones shouldn't judge those who aren't familiar with how mobile technology works. He says, ""It would be wrong to judge people for mistakenly going to the official application store for the firmware updates after buying a new Android device. Vendors frequently bundle their Android OS builds with an intimidating number of software, and it can easily get confusing. A user can feel a bit lost about the [system] update procedure. Hence can make a mistake of going to the official application store to look for a system update." But that doesn't mean that they should be easy prey for an app that rips them off blind.