We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

18 Predatory Android Loan Apps Have Defrauded Millions

18 Predatory Android Loan Apps Have Defrauded Millions
Zane Kennedy Published on 15th December 2023 Former Cybersecurity Researcher

Leading cybersecurity research firm ESET has recently discovered 18 Android loan apps which are scamming users, now known as the "SpyLoan" scandal. These apps, which have been downloaded over 12 million times from Google Play, have been deceiving users with the promise of quick and easy financial aid. Instead, they have engaged in extortion and predatory lending practices, while also exploiting sensitive personal and financial data as leverage.

ESET’s research shows a global impact, with the SpyLoan apps primarily targeting users in Southeast Asia, Africa, and Latin America, with significant activity being seen in Mexico, Indonesia, Thailand, Vietnam, India, and Nigeria. The apps are advertised and delivered through various sources, including Google Play, third-party app stores, and scammer-run websites.

A disturbing aspect of these apps is their tactic of impersonating reputable lending institutions, deceiving borrowers and damaging the reputation of legitimate financial services. This has led to real financial institutions issuing warnings about these fraudulent apps.

In response to ESET's findings, Google removed 17 of the identified apps from the Play Store as part of its App Defence Alliance efforts. The final app ESET detected has remained on the Play Store after changing its functionality and permissions — ESET has found that it can no longer detect it as a SpyLoan app.

The psychological and financial aftermath for the victims of these apps has been severe. Beyond the financial exploitation, individuals have faced intense psychological distress due to aggressive harassment and threats of public exposure. The operators of SpyLoan apps have used personal data as leverage, enforcing repayment through intimidation and public shaming, a tactic that adds a deeply personal and distressing dimension to the scam.

To counter this threat, ESET advises users to exercise caution. Recommendations include downloading apps only from official sources, carefully reviewing user reviews, and scrutinizing the extent of app permissions. A critical red flag is if the suspect app requests access to extensive personal data, a common tactic in such scams.

The SpyLoan scandal serves as a grave reminder of the dangers in the digital lending sector, emphasizing the need for constant vigilance among users and further efforts by cybersecurity entities and app platforms to protect against sophisticated predatory practices. As the digital finance ecosystem expands, the importance of maintaining its integrity and ensuring user security becomes increasingly paramount.

About the Author

Zane was a Cybersecurity Researcher and Writer at vpnMentor. His extensive experience in the tech and cybersecurity industries provided readers with accurate and trustworthy news stories and articles. He aimed to help individuals protect themselves through informative content and awareness of cybersecurity's crucial role in today's digital landscape.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address