Yeah, I forget what version of Android it went out in. I only really started paying attention when, at work, we realized that a lot of our unreproducible bugs were from PWA users claiming they had installed the native app.
And those mismatched PWA / native bugs were overwhelmingly from Android users on newer versions of Android. They thought the new PWA install user experience was for a native Play Store app.
The bugs were driving us crazy and then someone in UX caught the behavior on a user test.
TLDR: the ‘novel technique’ is PWAs
I would argue that the new piece is that phishers are taking advantage Android’s ability to throw an install button in the browser.
Enough phones support that now, and they’re able to catch more people in their nets now that folks aren’t installing web apps from a nested menu item.
Pretty sure that was widely available two years ago. I used that to install a free VPN while in China.
Yeah, I forget what version of Android it went out in. I only really started paying attention when, at work, we realized that a lot of our unreproducible bugs were from PWA users claiming they had installed the native app.
And those mismatched PWA / native bugs were overwhelmingly from Android users on newer versions of Android. They thought the new PWA install user experience was for a native Play Store app.
The bugs were driving us crazy and then someone in UX caught the behavior on a user test.