A fake Google Wallet app is being given access to Google accounts
Google Pay is what became of a merger between Android Pay and Google Wallet way back in January of this year. Google Wallet was used for holding funds, Android Pay was used as a mobile payments application. Given the similarities in services, an amalgamation of the two was inevitable. This lead to both the Android Pay and Google Wallet names becoming defunct, though not everybody may know that. Despite the fact that Google Wallet is dead and gone, that doesn’t stop scammers from trying to resurrect it for nefarious purposes. Several users have reported that they are receiving emails saying Google Wallet was granted access to their Google accounts.
What’s worrying is that all of the details regarding the granted access suggest a compromised Google account. An unrecognized developer with the app being from an unverified developer spells trouble, made even worse by the fact that it’s for an app that hasn’t existed for a long time. Google has confirmed an investigation of the issue on their issue tracker. Users who find that their Google Accounts have granted access to this app can revoke the permission here. This is an incredibly dangerous app as it has access to both the Google Pay Sandbox and Google Payments, meaning that money could be sent from your account to another.
If you’re worried, you can check out your Google account’s activity here. It’ll show you all kinds of things that you’ve done, including payments that may have been sent by the fraudulent Google Wallet app. So far, users haven’t reported payments getting sent, but given the level of access that it has, it would appear to only be a matter of time before they start. Users would be expected to confirm their CVV before any transactions are made, but the level of access that it has – coupled with the fact that it seemingly granted itself access – has users worried as to what exactly it can and can’t do. We’ll be keeping a close eye on Google’s updated response on their issue tracker.