A new breed of scam via fitness trackers and health apps is allowing cyber crooks to select their victims without breaking a sweat, reveals cybersecurity company NordVPN.
The fraud works by criminals signing up for online social groups linked to popular exercise apps and gadgets like Fitbit. They then slowly befriend users over shared exercise goals before setting out to mine personal information or manipulate them into sending over money.
For more information and tips to avoid fitness scammers, here are some comments from Marijus Briedis, cybersecurity expert as NordVPN.
Marijus Briedis, cybersecurity expert at NordVPN, comments: “The trend in fitness tracker fraud shows it’s no longer enough just keeping an eye out for scammers while on your mobile or laptop — now they could be targeting you on the treadmill.
“Health apps have never been more popular, and with many synced to the smart watches glued to our wrists 24/7 they’re a target-rich environment.
“In particular, cyber crooks are taking advantage of the increasing number of digital communities linked to our fitness tech. Some of these, like Fitbit groups, have thousands of users looking for camaraderie and motivation, so the impulse is strong to share information about yourself, as well as your exercise goals.
“Once a scammer has you in their sights, what begins as bonding over a recent workout can quickly turn into a form of social engineering where they seek to mine as many personal details as possible while your guard is down. This can ultimately lead to attempts to manipulate you with fake personal stories, investment ‘opportunities’ or even identity theft.
“To stop them in your tracks, avoid sharing any identifying information and keep a basic ‘vanilla’ profile on your online groups, using an avatar or no picture at all. As with romance scams, beware of any requests from strangers, chats that veer away from fitness topics, or attempts to move the conversation onto another website or app. On the other hand, if you’re already a victim of any romance fraud scheme, then it may be best to contact the most reputable professional/service.
“It’s also worth looking over the permissions you grant any apps you download onto your phone. Check in app marketplaces to see if you’re giving away more than you should.
“While some running or cycling apps will request special access to your location settings to track your favourite routes, there’s no excuse for a blood pressure checker getting hold of your call history or being able to see your photos. As a minimum, make sure that any fitness apps you add allow you to delete your data.”