By John Gruber
Jiiiii — All your anime stream schedules in one place.
Mike Kosak, writing for the LastPass company blog:
LastPass would like to alert our customers to a fraudulent app attempting to impersonate our LastPass app on the Apple App Store. The app in question is called “LassPass Password Manager” and lists Parvati Patel as the developer. The app attempts to copy our branding and user interface, though close examination of the posted screenshots reveal misspellings and other indicators the app is fraudulent.
“LassPass” sounds like a Scottish dating app.
I was able to install LassPass earlier today, before Apple removed it. I think it’s just a blatant brand rip-off, not an attempt to phish the credentials from actual LastPass customers. The app itself doesn’t look like LastPass, and never prompts you to log into an existing LastPass account. Instead, the scam LassPass app tries to steer you to creating a “pro” account subscription for $2/month, $10/year, or a $50 lifetime purchase. Those are actually low prices for a scam app — a lot of scammy apps try to charge like $10/week.
But whatever LassPass is, it obviously shouldn’t have been approved by App Store review. And that leads to a predictable knee-jerk response:
Branscombe is correct that even isolated incidents like this hurt Apple’s arguments in favor of App Store exclusivity. But what’s the counterargument? That anything short of 100 percent accuracy at flagging scams and rip-offs renders the entire App Store review process pointless? That if, say, 1 in every 1,000 scam attempts slips through, the entire process should be scrapped? That argument can’t be taken seriously.
★ Thursday, 8 February 2024