News·4 min read

Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs

Cybercriminals are constantly finding new ways to manipulate consumers using trusted corporate identities. Recently, a highly coordinated scam campaign has emerged that leverages the names of major br

CS
CyberShield Team
2026-07-03
Share:
Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs

Cybercriminals are constantly finding new ways to manipulate consumers using trusted corporate identities. Recently, a highly coordinated scam campaign has emerged that leverages the names of major brands to push online gambling platforms. By combining fake social media advertisements, forged app store listings, and Progressive Web Apps (PWAs), threat actors are successfully tricking users into […] The post Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs appeared first on Cyber Security News.

Cybercriminals are constantly finding new ways to manipulate consumers using trusted corporate identities. Recently, a highly coordinated scam campaign has emerged that leverages the names of major brands to push online gambling platforms. By combining fake social media advertisements, forged app store listings, and Progressive Web Apps (PWAs), threat actors are successfully tricking users into handing over their money. This campaign targets consumers globally by impersonating well-known household names. Financial institutions like Monzo and Barclays, retailers like Amazon and Tesco, and streaming giants like Netflix are all being used as bait. The ultimate goal of the attackers is not to steal banking credentials directly. Instead, they want to earn lucrative affiliate commissions by driving completely new users to third-party casino websites. Fake App Stores Push Gambling The attack chain begins when a consumer is served a paid advertisement on social media platforms such as Facebook, Instagram, TikTok, or Threads. These ads falsely claim that a trusted brand has launched a new online casino product. To quickly figure out which campaigns get the most clicks, threat actors use standard affiliate marketing tactics. Fake Play Store page for “Amazon Slots.” This is the landing page that the above “Tesco Slots” ad leads to (Source: netcraft) They run multiple ad variants simultaneously on the same day, testing different copy and video combinations. In the most advanced examples, attackers use AI-generated promotional videos. These deepfakes are built from scratch to show fake employees standing outside real bank branches or supermarkets. They often depict ordinary people in relatable, everyday situations claiming that these branded slots offer an easy route to large cash winnings. When a user taps on one of these compelling ads, they are directed to a highly deceptive web page. The most common format is a fake landing page designed to mirror the exact look of the Google Play Store or the Apple App Store. Example of text-based ad mentioning Amazon Slots (Source: netcraft) The attackers go to great lengths to make these fake listings appear completely authentic to an unsuspecting visitor. These fake app store pages prominently feature the impersonated brand’s official logo as the application icon. They also display fabricated download counts, high star ratings, and fake user reviews praising the game. In some cases, scammers even include fabricated responses from the developer to make the listing appear actively managed. Another tactic involves presenting the consumer with an interactive mini-game before they reach the store page. This is usually a digital spin wheel branded in the targeted company’s colors. The game is always rigged to produce a winning result, after which the victim is promptly directed to install the application to claim their prize, netcraft said. The technical core of this scam relies heavily on how the application is delivered to the victim’s device. When the user taps the install button on the fake app store page, no actual mobile application is downloaded. Instead, the malicious page prompts the user to install a Progressive Web App. Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google. The post Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs appeared first on Cyber Security News.

Share:

Join the Discussion

Comments coming soon. Follow us on social media for real-time discussions.