Fake ToTok iOS app steals $199 from a Dubai-based user

The popular ToTok instant messaging and video calling app which has been into controversies for the past couple of months has again got the attention of the media after a user from Dubai reported a theft of $199.


Amid controversies, the TokTok app was taken off from Google Playstore and iOS Appstore back in December. The app was introduced a few months ago immediately got the user attention downloaded by millions of users across Middle East, Europe, Asia, Africa and North America. According to the New York Times, ToTok became one of the most downloaded social apps in the United States back in December; and it is a tool used by the government of the United Arab Emirates to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.

Cutting-edge solutions to help businesses streamline their operations and increase efficiency.
ⓘ Advertisement

The app was reinstated on Google Playstore back in January and was removed again a few days back. Doing thorough research, LAFFAZ couldn’t identify why Google let ToTok back in its Playstore in the first place.

Coming back to the latest story of $199 amount theft. As published on Gulf News on Thursday, 13 February, a user from Dubai downloaded the ToTok app to talk to her brother. She was aware of the fact that ToTok was taken off from Apple Appstore but she still searched for it in the Appstore and found an app called ‘Totok Chat’. Without thinking for a second the user downloaded the app and later realised that it was not the original ToTok app but a fake one masquerading as original – after she got $199 deducted from her account. As you can see in the screenshot shared by the user below, the name of the developer ‘APERON’ while the developer of the original ToTok app is Breej Holding, even the icon is different than the original one.

Credits: Gulf News

After downloading the app, a pop-up appeared on the user’s mobile screen saying that she just made a transaction of $199.

A pop-up appeared to type in my passcode (my Face ID failed recently on my Apple iPhone XS Max, big surprise). So the pop-up said: This app is 0.00AED. Cool. Most apps cost me 0.00AED.

After putting my passcode in, my Apple Pay popped up to inform me that I just made a transaction of $199.

I was confused. The ToTok app was free. And even if it wasn’t free, there’s no way it would cost Dh730. I immediately checked the app. It was a blank blue page. You couldn’t do anything with it. I investigated further. The app was based out of Russia, since the phone number and email address given indicated such.

Gulf News

After a quick research, the user found a number of reviews affirming that the ‘Totok Chat’ app was a scam and called the bank immediately. The bank asked her to contact Apple or the App developer.

This did not just happen, I thought to myself. I called my bank immediately. “Ma’am you have to contact Apple or the app itself to try and get a refund. If that doesn’t work, call us back and we will have to block your card and try to despite the amount.”

Gulf News

She immediately visited Apple.ae and found a phone number – calling on the same, she connected with an Apple customer service representative named Meghan and explained the issue. Meghan couldn’t help as there were no recent transactions listed. She further suggested the user to contact Apple Pay. So she did it but that couldn’t help her too.

This clearly means that there was no evidence against the transaction and the fake app managed to bypass Apple’s security.

Gulf News got in touch with Apple to comment and they sent over a brief statement. “We can confirm that the app is no longer on the App Store.”

Pradeep Singh
Pradeep Singh

Former interim CTO at LAFFAZ. A full-stack developer, possessing 6+ years of experience in working closely with tech startups in India and UAE.

Connect: LinkedIn