Pokemon Go was a huge phenomenon this summer. In July, the US reported there were 15 million downloads of the app. The popularity of the augmented reality app has made it a target for cyber criminals.

Pokemon Go is a Security Risk

When Pokemon Go first launched users automatically granted the app full access to their Google accounts. The sign-up process made users’ Google accounts vulnerable. Giving an app full permission can pose major security issues for a company. If a business account is connected, the app would have access to important information. That also means the app could modify anything in an account, including files and photos, and access search history. Niantic, the company that created the app, addressed the issue and is currently working on ways to limit access.

Scammers Catch Users with Malicious Attacks

More recently, scammers are using the game as a means to infect devices with malware. An article by SC Magazine discussed how researchers discovered 167 fraudulent Pokemon Go related social media accounts. Attackers used the accounts to redirect users to malware and other malicious cyber attacks. If employees are using their personal devices to access company information this can be a costly problem. This type of attack can lead to a data breach or install ransomware to the computer network.

Stay Clear of Unauthorized Apps

In the SC Magazine article, it also mentioned between 75 and 80 percent of the top free apps are breached. For the top paid apps breaches increased to 90 percent. To avoid these attacks users should only install apps that are directly released by the app company. Also, review the permissions that an app request.