Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Apex Legends fans targeted with Phishing and Malware Campaigns

Apex Legends phishing scam

Fraudsters are attempting to cash in on the massive success of ‘Apex Legends’ by targeting fans with a fake mobile app version of the game loaded with malware.

Apex Legends is a free-to-play battle royale game developed by Respawn Entertainment and published by Electronic Arts. The game was released on February 4, 2019, and it has already amassed a global audience of 25 million players.

At the current time, the game can only be played on a PC, or consoles like the PS4, Nintendo Switch or Xbox one. However, there is a huge demand for a mobile version of the game and hackers have been quick to capitalise on this increase in demand to launch their malicious scams.

When gamers search online for ‘Apex Legends Mobile Downloads’, they are presented with links that supposedly contain an installer for the game as seen below.

Image: Apex Legends fake download page: (Source: Kaspersky)

Apex Legends scam

Despite appearing legitimate, the fake app is an adware downloader that generates a profit for its developer by displaying online ads to the victim. The links are also capable of delivering a much more damaging and destructive malware.

Fake videos have also appeared on YouTube providing users with advice on how to download and install the game. To access the content, users are instructed to a click on a link, which will either directly infect their device with malware, or bring them to a phishing website where they will be targeted with yet more scams including the Apex coin scam and other game cheats.

Up to 100,000 people have already fallen for the scam, however YouTube has since confirmed it has removed the malicious content from its site.

Image: Apex legends Scam videos on YouTube (Source: Bleeping Computer)

Apex League scam videos on YouTube

The malicious campaign bears striking similarities to the tactics that were used to target ‘Fortnite’ players in late 2018. Both games have become massive viral hits, that unsurprisingly, have attracted the attention of cybercriminals who are keen to exploit this mass market.

To avoid being scammed online, you should always double check the validity of a URL, only buy apps from trustworthy sites, never click on links or download attachments from unknown sources, and if something doesn’t seem right about a site then you should leave immediately.

If you’re looking to start a phishing awareness campaign or would like more information on how to protect yourself online, contact us to find out how we can help.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations