Mobile apps and web interfaces have become an integral part of our daily lives. However, the convenience and attractiveness of mobile user experience (UX) also open up new opportunities for cybercriminals. They adapt their schemes to the habits and behavior of users, using interfaces that are visually indistinguishable from legitimate services.
Dark UX: how it works in fraudulent schemes
The term “Dark UX” (or Dark Patterns) describes interface elements that intentionally mislead the user. Cybercriminals use these techniques to force a person to do something they do not really want – for example, enter personal data or confirm an unwanted payment.
Fake push notifications that imitate system messages, deceptive login forms that look like real Instagram or Google screens, and fake “Download” buttons disguised as website elements are all classic examples of dark UX. They look so authentic that even an attentive user cannot always spot the fake.
Statistics and real cases
According to Infosecurity Magazine, more than 82% of phishing attacks are targeted specifically at mobile devices. This is because it is harder to spot the trick on a small screen. A particularly alarming case occurred in Europe in 2023, when scammers created a fake iPhone mockup with the UI of a banking app. They filmed a video tutorial demonstrating a fake “cashback setup” and distributed it on TikTok. As a result, many users installed malware, thinking that they were receiving a legitimate service.
Interestingly, iPhone mockups themselves are a powerful visualization tool for designers and companies demonstrating how interfaces work. The problem arises when such tools fall into the hands of attackers and are used not to present products, but to deceive.
Mockups can, in principle, also play a key role in defense: they can be used to clearly show what fake banking applications or cloned interfaces look like. Such visualizations are especially useful in training users and security specialists. Developers can use an iPhone mockup to demonstrate which details should cause concern – for example, unnatural transitions, the absence of familiar animations, or unnecessary input fields. This helps users build visual memory and the ability to distinguish a genuine interface from a fraudulent one.
Why mobile UX is so effective for attacks
On mobile devices, we see less information and act faster – swipe, autofill, Face ID scanning. All this creates the illusion of security. The user no longer analyzes the interface, but simply interacts. Cybercriminals cleverly take advantage of this, introducing false elements that do not arouse suspicion.
Where fake UX is most often used
Financial applications
Fake banking interfaces are one of the most common schemes. Fraudsters create applications that completely copy the appearance of original bank clients. The visual match makes it easy to trick users into handing over logins and passwords. One of the popular techniques is to use a mockup of an iPhone with a fake application installed, demonstrating a login window that is almost indistinguishable from the real one.
Social networks
Fake login forms for Facebook, Instagram or TikTok often appear in dubious applications or browser pop-ups. Having gained access to a social account, attackers use it to further distribute spam and phishing among the victim’s friends.
How to recognize fraudulent UX
If something in the interface seems strange – even a slight difference in the font or icon, an unusually fast redirect after logging in, the absence of standard functions like “show password” – this may be a sign of deception.
You should also be wary of the behavior of the application itself: if it requests access to the microphone, contacts or geolocation for no apparent reason, it is better to stop. It is especially important to pay attention to where you downloaded the application from – if it did not come from the official App Store or Google Play, you should think twice.
How to protect yourself from attacks using UX
To avoid falling for these schemes, it is important to maintain digital hygiene. For example, install applications only from trusted sources and do not follow suspicious links, especially from SMS or messengers.
A good habit would be to periodically check what permissions were granted to the installed applications. If a calculator wants access to photos or contacts, this is a cause for concern.
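The permission check described above can be scripted on Android. The following is an added example, not part of the original article: it parses text in the style of `adb shell dumpsys package` output and reports sensitive permissions an app holds beyond what the reviewer expects. The sample output, the package names and the `EXPECTED` mapping are constructed assumptions.

```python
import re

# Constructed sample in the style of `adb shell dumpsys package` output (trimmed).
SAMPLE_DUMPSYS = """\
Package [com.example.calculator] (a1b2c3):
    runtime permissions:
      android.permission.READ_CONTACTS: granted=true, flags=[ USER_SET]
      android.permission.READ_MEDIA_IMAGES: granted=true, flags=[ USER_SET]
      android.permission.CAMERA: granted=false, flags=[ USER_SET]
Package [com.example.maps] (d4e5f6):
    runtime permissions:
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET]
      android.permission.RECORD_AUDIO: granted=true, flags=[ USER_SET]
"""

# Assumption: the reviewer decides what each app plausibly needs.
EXPECTED = {
    "com.example.calculator": set(),
    "com.example.maps": {"android.permission.ACCESS_FINE_LOCATION"},
}

# Permission groups the article singles out: microphone, contacts, location, photos.
SENSITIVE = {"android.permission." + p for p in (
    "RECORD_AUDIO", "READ_CONTACTS", "ACCESS_FINE_LOCATION",
    "ACCESS_COARSE_LOCATION", "READ_MEDIA_IMAGES", "READ_EXTERNAL_STORAGE")}

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
PERM_RE = re.compile(r"^\s*([\w.]+): granted=(true|false)")

def granted_permissions(dumpsys_text):
    """Map each package to the set of permissions marked granted=true."""
    result, current = {}, None
    for line in dumpsys_text.splitlines():
        if m := PKG_RE.match(line):
            current = m.group(1)
            result[current] = set()
        elif current and (m := PERM_RE.match(line)) and m.group(2) == "true":
            result[current].add(m.group(1))
    return result

def unexpected_grants(dumpsys_text, expected=EXPECTED):
    """Return {package: sorted sensitive permissions granted but not expected}."""
    findings = {}
    for pkg, perms in granted_permissions(dumpsys_text).items():
        extra = (perms & SENSITIVE) - expected.get(pkg, set())
        if extra:
            findings[pkg] = sorted(extra)
    return findings

print(unexpected_grants(SAMPLE_DUMPSYS))
```

Packages missing from `EXPECTED` are treated as needing no sensitive permissions, so every sensitive grant they hold is reported.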
Here is a short list of truly effective technical methods of protection:
- Hardware two-factor authentication (for example, YubiKey)
- A combination of biometrics and a PIN code instead of Face ID alone
How UX designers can help fight cyber fraud
UX designers can become an important link in the fight against fraud if they develop interfaces taking into account not only convenience, but also security. For example, visual indicators of authenticity – unique animations, brand elements and style – help distinguish the original from the fake.
In addition, interfaces should be as transparent as possible: users should understand what actions they are performing and what data they are entering. Conducting UX research can also reveal vulnerabilities and potential entry points for intruders.
Final words
Cybercriminals are not standing still: they use the same tools as UX designers, but with opposite goals. Attacks through mobile UX are becoming especially dangerous, because this is where the limitations of the interface play into the hands of attackers.
The fight against this type of threat requires joint work by users who know how to recognize fakes and specialists who create safe and transparent interfaces.