GumTree App and Google Ad Scam

The GumTree App has “In App Ads”, by Google. I only started using the App yesterday and I didn’t realize this. So, when I opened the app this morning to check on a buyer’s message, there was a large “message” covering 1/2 of the phone screen, telling me to “Verify Your Account”. I thought it was a GumTree verification step, because I had only just started using the app. I tapped “Verify” and things proceeded with one of those circular completion hoops, which finished after about 20 seconds and then it told me the download was ready and a download button appeared. That made no sense so I bailed. At that point I also noticed I was running in a new tab in my browser. I closed the tab, then closed the browser. I also closed the GumTree App.

On restarting the GumTree App the prominent “Verify Account” message was still there. This time I noticed a tiny (i) and … in the top right of the message. Tapping there told me this was a Google Ad, and presented me with options, including finding out who the Ad was from. I learned it was from a “verified” company in the UAE, VECTRA Technologies. There was a further Google Ad option to supply feedback. I used this and selected “inappropriate” from the options presented. There was no “scam” option. (If you search for VECTRA Technologies you get a tonne of heavy IT-bro jargon, including “deep”, “attack”, “leverage”, “expertise”, “professional”, “integrated”, “protect”, “cyber”, “cutting-edge”, “AI”, “smart”, “cloud”, “technologies”, “advanced”, “threat intelligence”, “global”, “regional”, and on and on.)

The point of all this is that this was a scam. At no point was I informed by GumTree or by Google, let alone VECTRA Technologies in the UAE, that what I was doing had nothing to do with GumTree. It was an ad designed to have me download something onto my phone.

7 Likes

Thanks for the heads up @TomK. I fully agree that the big tech companies need to do more to prevent scammers advertising on their advertising platforms.

I have my own story which occurred between Christmas and New Year - apologies for it being long-winded, but it is important to let others know what scammers will do:

My father-in-law did something similar recently. Clicked on a popup advertisement and inadvertently loaded a malware advertising app on his Samsung smart phone. This resulted in full screen popup advertisements every 30 or so seconds. There was one popup which came up regularly advising that to remove the advertisements, to contact ‘Samsung Support on XYZ’…which he did. It was scammers. They managed to convince him, since they were ‘Samsung’ and he had rung the ‘Samsung Support Number’ to install a Samsung app which gave them full control of the phone, including allowing them to redirect calls. His phone was hacked.

He spoke to us soon thereafter and we told him to turn off his phone and contact his bank (as he had the bank app on his phone and used the phone for security checks) on my mother-in-law’s phone. Something I didn’t realise is that they can monitor calls when a phone is hacked. They then rang him on my mother-in-law’s phone and pretended to be the bank. The ‘bank’ said to turn it back on as the ‘bank’ needed to check some details on the phone, as they were liaising with ‘Samsung support’ to fix his phone. They also said one shouldn’t trust anyone who calls, and he should ring the ANZ on his phone so he can verify it is the bank he is talking to - which he did, but was redirected to the scammers. He thought he was talking to ‘Samsung Support’ and his bank (ANZ). Fortunately we decided to follow him up to ensure that he had turned his phone off and had contacted the bank. We said again to turn the phone off but he said it isn’t what the bank or ‘Samsung Support’ want him to do. He refused to acknowledge that he was talking to scammers and left his phone on as a result.

As we live interstate, we contacted a family member who rang ANZ on his behalf. ANZ would not initially do anything until the family member (who is a lawyer) said the bank will be held fully responsible should any monies be lost. They then immediately actioned a freeze on their accounts and cards. The bank could see that there was unusual activity on his online accounts as someone had tried to transfer funds out but were unsuccessful. The bank could see this and used this as evidence to take action. This removed the opportunity for the scammers to try transferring again as the accounts were frozen. As vengeance, the scammers corrupted the phone’s firmware rendering the phone unusable, even with a manual factory reset. The phone was taken by a family member to the real Samsung Support at one of their retail centres. They managed to reinstate the phone using their own methods for a hard factory reset. The real Samsung also advised that they both get new phone numbers as the scammer will persist in contacting the in-laws as they know they are susceptible to scams. New phone numbers were arranged with Vodafone.

A visit to the bank was also required to get new customer credentials as confidential customer banking details were provided to the scammers (such as CRN, verification information, passcodes, personal details etc) which could have been used in the future to gain access to online banking.

Even today, the in-laws still think they were talking to ‘Samsung Support’ and the ‘ANZ’ bank as he had rung their numbers. Unfortunately, there appears to be a lack of understanding of how smart phones work and how scammers can control hacked phones such as redirecting calls to them. We have managed to convince both in-laws only to use the phone for calls and not to install any banking apps. Fortunately other family members are on the same page and check regularly that apps haven’t been installed.

Unfortunately staff at the local ANZ branch keep recommending my in-laws to install the banking app to make banking easier for them, including saving visits to the branch to do some banking. :roll_eyes:

7 Likes

Congratulations to your whole family on the way that you have managed this disaster. Old-type thinking and trust doesn’t match comfortably with current tech and its potential for evil. Pity that your vigilance and care isn’t appreciated, but take heart, it’s admired from afar.

5 Likes

Same here. As soon as I realised the app was full of ads unrelated to my intent, I deleted it. I wanted to advertise some free stuff but as a result I have returned to (shock, horror) Facebook and its marketplace. Seems to me that Gumtree has been slowly dying since Google bought it.

3 Likes

Facebook marketplace is also very risky. Recently my daughter bought something secondhand that way. And paid. She then checked her bank account to check the money had gone through. It had plus a lot extra!! So she immediately blocked the seller and rang her bank who said that this is a common type of scam and very luckily she got her money back!!

1 Like

Or I could summarise it pithily as: a smart phone has a very high attack surface and is a completely inappropriate device for anything to do with security.

One thing to do for elderly relatives is to take away their authority to install new apps at all. That way, no matter what social engineering and other trickery the scammers try, the rello simply can’t install the app.

Yes, this is patronising and generalising. It won’t work for every family but …


Not worried about GumTree any more though because they refuse to deal with anyone who refuses to use a mobile phone. Problem (with GumTree) solved.

Is Gumtree still a thing? Was a cesspit of scammers almost from the start……

Ummm - Google do not own Gumtree.

It’s a bit hard to work out who does own Gumtree. See the References section of Gumtree.com.au - Wikipedia.

Between 2002 and 2022, it went through 5 owners, the fifth being “The Market Herald” – which has since been sold, and is now called “Gumtree Australia Markets”!

1 Like