Uber is everywhere. As of 2017, Uber was the tenth most popular app on Apple’s app store and had been downloaded between 100 to 500 million times on Android.
The ride-sharing service is in a large part responsible for a transit revolution, providing taxi services at a fraction of the cost of its cab company competitors.
Hackers, however, are honing in on the app’s gargantuan user base, using a fake app to target their personal data, according to Fast Company.
The fake app targets Android users specifically, using the (go figure!) Android.Fakeapp malware.
The app was discovered by the security firm Symantec.
The way the malware works is simple: after a user downloads the fake app, it will launch a login screen which looks nearly identical to Uber’s legitimate version.
Once a user enters their user ID and password and hits “next,” the malware then launches the real Uber app, producing no cause for suspicion.
Symantec recommends that users only download applications from trusted sources to avoid this scam.
This isn’t the first time fake apps have made it onto the Google Play store, as millions of users have been tricked by everything from fake Angry Birds apps to fake Netflix apps.