We’ve identified a huge social-engineering campaign designed to steer people into online gambling sites under the impression they’re installing a legitimate app.
We’re calling it FriendlyDealer. It’s been observed across at least 1,500 domains, each hosting a website that impersonates the Google Play or Apple App Store. Users think they’re downloading a gambling app from a trusted source, with all...
The "FriendlyDealer" campaign is a masterclass in exploiting trust mechanisms without technically violating them. At its core, it weaponizes the legitimacy of app stores and browser features to create a seamless deception. The strongest version of this narrative highlights how modern digital ecosystems—designed for convenience—can be repurposed for exploitation. The operators didn’t hack systems; they hijacked user expectations. The use of PWAs, a legitimate technology, to bypass traditional app...