Comment on Clubhouse App: Tenable
Clubhouse, an invite-only app available on iOS is seemingly the next big thing in social media for casual, drop-in audio conversations with anyone or sometimes even celebrities. As of Feb 2021, the app had 8 million downloads. Just as apps offer opportunities to learn and connect with others, they can also be breeding grounds for scammers. Satnam Narang, Staff Research Engineer at Tenable who has done extensive research into scams on social media platforms such as TikTok, Instagram and Cash App, offers his comments on the challenges and opportunities Clubhouse might present to scammers.
“In February 2021, Clubhouse topped 8 million global downloads for its invite-only voice-based social media app that is currently only available on iOS devices. Historically, I’ve found that when an app surges in popularity with users, scammers quickly take notice and find their own niche around them, whether it’s Facebook, Twitter, Instagram, Snapchat, Tinder or TikTok. There are a few challenges that Clubhouse presents to scammers as well as opportunities.
“For instance, because the app is voice-driven, there is no way to chat with users in order to peddle links to scams, which is often a scammer’s preferred method. Clubhouse does allow users to promote social profiles for Instagram and Twitter, which is the most likely way users will be driven to scams. I saw this in my TikTok research a few years ago, when scammers were promoting adult dating scams, they would ask the users to add them on Snapchat in order to take them off the platform.
“There have been reports that Clubhouse rooms have been created to promote get-rich quick schemes or fake coaching offers. They drive users off Clubhouse to social profiles created to promote these so-called opportunities. These benign profiles aren’t likely to get removed until after users have parted ways with their money, making this type of scam extremely lucrative.
“There is also an impersonation problem that faces other platforms and has already started to emerge on Clubhouse. After Elon Musk joined Clubhouse, a few fake Elon Musk profiles appeared on the platform. There are reports of other notable figures who aren’t actually on Clubhouse, but have been told by their fans that they were in a room with them. I expect this to continue until Clubhouse starts incorporating some sort of verification mechanism within the platform for these notable figures.
“The Clubhouse app itself is undoubtedly being examined by security researchers for flaws. We’ve already seen reports that users have been able to snoop on audio from Clubhouse rooms and create unofficial Android versions of the app until an official one is released.
“Unofficial versions of Clubhouse for Android is another area that is ripe for abuse. With the ability to sideload applications on Android devices, cybercriminals can create fake versions of Clubhouse that perform malicious actions on the users’ devices and potentially lead to financial harm.”—Satnam Narang, Staff Research Engineer, Tenable
ANALGESIC PRODUCTIONS ANNOUNCES ‘SEPHONIE’ FOR 2021 RELEASE ON PC
