Recently, SOMETHING really caught my attention! I have been contacted by a few doctors from various countries regarding on a recent serious scamming activity involving a viral app known as IMD. This is the website to it: http://imedicaldoctor.net/
So how does this work?
Here is their trick.
1) Seller will actively approach and spam every whatsapp group/telegram group/facebook group on their link to AMC QBanks channel.
One of the seller known as Dr Ameer actively promoting his "service" that he provides. Subscribing OFFLINE qbank and other well known resources such as UpToDate via his "app". |
2) They will offer Amedex, Mplusx, Canada Qbanks or even UpToDate OFFLINE access for low price for example $100 per year. They will ask you to PM/contact them personally if you are interested. FOR SUCH A CHEAP pricing, they usually can easily BAIT many people to contact them. They will also spam every few hours with screenshot to show proof of subscription being SOLD.
Same person "Dr Ameer" constantly promoting his service with "proof" of purchase by other victims to make his business look legitimate. |
3) Once you are interested and had contacted them. This is where EVERYTHING starts. They will tell you that they will provide you with a demo. BUT FIRST, they will tell you that they prefer to CALL YOU and BRIEF through phone as they claimed it will be easier and faster. But what you don't know is that they HAVE RECORDED YOUR VOICE from there!
He will try to bait you to purchase his "service" and DOWNLOAD his malicious "app" |
He will continue attract you by showcase the ability of his "app" and "service" for OFFLINE access |
conversation between the victim and the scammer #1 |
conversation between the victim and the scammer #2 |
conversation between the victim and the scammer #4 |
4) By showing you the demo, YOU are required to download a certain app from Apple store (for iOS user) or Google playstore (for android user). Once you have installed, they will provide you with a "demo" account and password.
scammer trying to convince victim to download the "app". (it will looks legit and can be found on appstore/google playstore BUT the description of app is not |
5) The installation of app is just the same as installing all other apps BUT for the installation to complete, you have to launch the app. Once you had launched the app, the app will definitely CRASH the first time. This is for them to run a hidden app in background mode. Malicious code will be injected into your phone even without you noticing.
DO TAKE NOTE THIS CRITICAL TIME (victim already downloaded the app at this point of time) Scammer trying call victim and to buy some time for the app to upload victim's personal credentials. |
6) Then after keying the demo account and password given by the seller, you can browse the database and select the items you want for example amedex qbank. In order to have access to that database, you have to download the database. You can choose either "Germany" server or "Iran" server. Do take note that this is a gimmick used by apps to enable access to download 3rd party data into your devices and of course it will be a 2 way traffic. meaning it is able to upload your data to the cloud as well. I am no IT expert but I know that by allowing traffic flow into the app means allowing external malicious code being downloaded into your device and it will act like as a malware and therefore they MAY have access to your credit card information and other personal data which was being stored in your device. Your whatsapp/emails/photos are all being exposed and uploaded to the server.
TAKE NOTE: BEFORE AND AFTER BEING HACKED
BEFORE HACKED
AFTER HACKED
This is the app AFTER being HACKED and malicious code being injected to victim's device |
the app already stole victim's device information |
scammer trying to call and "claimed to help with technical issue/login" They need to get more voice recording in order to duplicate and clone your voice for bank verification |
At this point of time, the app suddenly crashed, scammer ask victim to download the app again (this is just a cover up as the app has already injected malicious code into victim's device) |
Scammer attempted to call victim several times |
Now scammer became irritated as victim still unsure if to make the purchase or not |
scammer follow-up with victim to make sure victim still show interest in the product |
victim no longer show interest in the product but TRANSACTION WAS BEING MADE without approval of victim. Victim was totally scared! Contacted the bank and file for dispute. |
scammer immediately REMOVE victim's account and blocked victim after victim has discovered his INTENTION |
ONE of the scammer (he called himself Dr Ameer) Beware there are many of them and they are everywhere!!! But their trick will be similar! Just be sure to spot them! |
THESE ARE THE OTHER SCAMMER SELLERS DETAILS:
~DrAmeer +1 (347) 745 6648
~DrAli +1 (914) 639 2126
~Medstudy +1 (716) 503 6436
~Abbas + 1 (206) 278 0369
~Aemy + 1 (313) 497 2090
~Medicals Resources +1 (343) 808 5552
~Mike + 1 (914) 520 5026
~Amjad + 1 (341) 221 5779
~404! +92 310 9593251
UPDATE:
the owner of the app contacted me requesting me to REMOVE the post after I have posted on facebook.
Owner FB link: https://www.facebook.com/profile.php?id=100081595579056
You may read up more on how these malicious app steal your personal data.
MY ADVICE IS TO ALWAYS BE CAREFUL ESPECIALLY AT THIS MODERN ERA AND NOT TO BE TRICKED BY SIMILAR SCAM.
YOU MAY CHECK MY PREVIOUS POST FOR OTHER SCAMS THAT I HAVE EXPOSED THEM.
SHARE WITH ME YOUR STORY AND LET ME EXPOSE THEM!
DROP ME A FACEBOOK MESSAGE AND I WILL EXPOSE ALL THESE SCAMS/FRAUDS FOR YOU!
https://www.facebook.com/profile.php?id=100046518678415
HOW TO PROTECT YOURSELF IF YOU HAD ALREADY DOWNLOADED AND INSTALLED THE APP?
*For those who had already installed the app
1) DELETE the app
2) IMMEDIATELY change ALL your PASSWORD and REFORMAT your device (the malicious code has already been installed in your device)
3) ASK FOR REFUND! IF the scammer refused to refund, FILE A REPORT to your BANK and DISPUTE the case. IF their "service" bank account has flagged with multiple dispute requesting for refund, investigation will be conducted and legal action will be taken.
4) REPORT the app to Apple Store or Google Play Store to prevent more victims being scammed by their team.
Imagine if they can hack famous website such as UpToDate, amedex, mplusx, they can do more by hacking your device.
If you need more ways in how to overcome this matter, DO NOT HESITATE TO CONTACT ME AT MY FACEBOOK ACCOUNT: