Smartphone shoppers: watch for online tricks

People crowd the aisles inside a Macy's department store after the midnight opening on "Black Friday" in 2011. Attention smartphone shoppers: watch for cybercriminals using phony apps or messages in an effort to hijack your device or steal your data.

Attention smartphone shoppers: watch for cybercriminals using phony apps or messages in an effort to hijack your device or steal your data.

Law enforcement and security experts say that as more people use their mobile devices in stores and on open Wi-Fi networks, the risks are increasing as well.

The FBI-backed Internet Crime Complaint Center is warning consumers to be on the lookout for fraudulent apps, messages and Wi-Fi networks which can trick users of mobile devices to divulge passwords, personal data or credit card numbers.

"Many times, e-mails, texts or phone calls will look or sound like they are coming from a well-known retailer, stating a need to 'verify' the full credit card number you used for a purchase or ask you to click a link to update personal account information," the center said.

The center said Android devices are often targeted by spyware, including one system called FinFisher, capable of taking a mobile device, or Loozfon, "an information-stealing piece of malware."

Security firm McAfee's Gary Davis said that as the popularity of apps surges, "so have the chances that you could download a malicious application designed to steal your information or even send out premium-rate text messages without your knowledge."

Davis said some fraudsters are using Twitter ads offering special discounts for popular gifts, linking to malicious software.

"Criminals are getting savvier with authentic-looking social ads and deals that take consumers to legitimate looking websites," Davis said.

"In order to take advantage of the deals or contests, they ask them for personal information that can obtain a shopper's credit card number, email address, phone number or home address."

Lookout, a security firm offering free apps for Android and iPhone, also urges prudence.

"Be careful what you do on public Wi-Fi networks especially when you're shopping. Do not expose passwords, account numbers or credit card information unless you are certain that you are on a secure connection," a company statement said.

"Use discretion when downloading apps. Even the most innocent-looking shopping app can contain software designed to steal personal data, make fraudulent charges or even hijack your phone. Only download apps from sites you trust."

Explore further: Google puts malware scanner in Google Play pipeline