Users, on an average, are spending more time engaged with the new Pokémon GO app than any other apps like Snapchat.
But, before downloading and playing Nintendo's new location-based augmented reality game, users are required to keep the following points in their minds:
1. Unofficial Pokémon GO app might contain Malware
Since Pokémon GO is currently available in only a few countries, many third-party gaming websites are offering tutorials due to huge interest surrounding the app, recommending users to download the APK from a non-Google Play link.
Users need to "side-load" the malicious app to install the APK by modifying their Android core security settings, which allows their device's OS to install apps from "untrusted sources."
However, researchers have discovered that many of these online tutorials are linked to malicious versions of the Pokémon GO app that install a backdoor, called DroidJack, on victim's phones, enabling hackers to compromise their device completely.
2. Protect Privacy While Using Pokémon GO
If you're playing Pokémon GO, then forget about your privacy.
Since this augmented reality game requires your GPS location and a data connection (either WiFi or cellular data), you can not expect your privacy to be secured while playing this game.
However, still, users can avoid playing in locations where they do not want to be tracked.
Also, don't use your personal Gmail account to log in, as this links your personal information including your GPS location and Pokémon GO activity. Either use a burner Google account.
For this, create an all new Google account, with nothing in it, and use this account to sign into Pokémon GO as well as other apps that you may find doubtful.
Although the security hole has been patched, previous versions of Pokémon GO app required extensive permissions to your Google account, so make sure your app is up to date.
3. Beware of Pokémon GO-themed Malicious Apps on Google Play Store
Researchers from popular antivirus firm ESET have spotted at least three fake Pokémon Go apps on the Google Play Store. Of them, the one titled "Pokemon Go Ultimate" posed the biggest threat to Android users.
Pokemon Go Ultimate renames itself "PI Network" and deliberately locks the screen of the victims' devices immediately after being installed, rending the devices unusable.
The only ways to get the infected phone unlocked are to remove the device's battery or reboot the device via the Android Device Manager.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
Even after restarting the device, the app removes itself from the device's app menu, but still continues to run in the background and silently clicks on porn advertisements in an attempt to generate ad revenue for its creators.
The worse: Researchers say that the malicious app is just one step away from being Ransomware.
Although Google has removed the fake Pokémon GO app, users who had already downloaded the app would need to uninstall PI Network manually through their device's application manager.
The rest of the two fraudulent Pokémon apps produced fake security messages in an attempt to trick users into paying for an antivirus service that actually does not exist.
Currently, all three apps seem to be removed from Google Play, but be on guard: more are likely to show up in the coming days.
So, before head out to catch 'em all, just make sure you are downloading the legitimate Pokémon Go app. Here're ESET's full advisory and security recommendations.
4. Go catch Pokémon, But Just Watch Out!
Later it was revealed that a 28-year-old car driver was reportedly playing "Pokémon GO" and got distracted, thereby ran his vehicle off the road and crashed into a tree.
Another case reported by the San Diego Union-Tribune involved two men apparently playing Pokémon GO were rescued after falling off a 90-foot ocean bluff in California Wednesday afternoon.
The victims are fine, but that's not the point.
The point here is that do not put your or others lives in danger. Don't play the game while walking, driving and biking.
The Auburn Police Department has also released an advisory to remind drivers to use "common sense" while catching Pokémons and keep their eyes on the road at all times.
Here're some important points that players must keep in their minds:
- Do not use the Pokémon GO app when you are operating a motor vehicle or bicycle.
- Do not trespass onto private property when trying to catch a Pokemon.
- Be aware of your surroundings when searching for Pokémon and do not just stare your phone without knowing hazards around you, like roadways, drop-offs, and waterways.
- Always use caution when sharing your locations — strangers can see your location data.
- Travel in groups in public/well lit areas.
5. Pokémon GO: Crimes, Robberies, Deaths & Other Problems
Pokémon GO sends players out to capture the virtual Pokémon characters that are superimposed in parks, streets, stores as well as inappropriate locations like the Holocaust Memorial Museum, 9/11 Memorial, and Arlington National Cemetery, as reported by CNN.
Across the America, the gamers have been drawn down dark alleys and into dangerous neighborhoods in search of the Pokémon characters, only to be targeted by criminals.
So, Pokémon fans need to be a little more vigilant while playing the game, because your life and your money are more important to an imaginary character.
6. Pokémon GO Cheats, Hacks, Punishment and Bans
Since Pokémon GO has taken the world by storm with gamers of all ages joining in with the Pokémon catching fun, players are making use of Pokémon hack and cheats to catch Pokémons with fewer efforts.
This augmented reality game requires gamers to walk around homes, parks and local surroundings to find new Pokémon, as well as achieve goals like hatching incubating eggs.
One can find the most common Pokémon in the distance of 2km eggs, with the rarest ones in the 10km eggs. This means you are required to walk a lot if you want to advance in the game.
So, players are using tricks like placing their phones on a record player or tieing their phones with a fan in order to increase their walking distance in no time at all.
In fact, tech-savvy players are spoofing their GPS locations with rooted and jailbroken devices, so that they can catch Pokémon without physically going to locations where the imaginary characters are actually located.
However, before using these cheats, players should be aware of the fact that they can be banned for up to five hours from playing the game.
Even worse, cheaters are being punished by encountering wild Pokémon characters, which runs away from them.
Although the company, as of now, is not imposing harsher punishments or bans, some rumors claim that Niantic could completely block players after a certain number of temporary bans.
So, we advise users to walk and find their favorite Pokémon characters as guided by the map.
Play the game the right way. Gotta catch 'em all!