Car sharing mobile apps have become extremely popular, and the user base of such apps is growing rapidly. Since these apps generate significant revenue, they become a target for various cyber-attacks. One of such invasions is GPS spoofing that perpetrators were detected to utilize for defrauding car sharing companies. Drivers in Singapore were reported to tap GPS spoofing tools for defrauding Grab, a local car sharing company by so they appear in a preferred position and take a customer from the chauffeurs who were actually there. Source
Motorists who were involved in spoofing incidents employed typical signal transmitting tools for faking GPS signals and “rooted” mobile phones, which have unregulated software. In combination, that allowed them to change their position without actually moving from their whereabouts. Thus, they were able to simulate driving behavior and complete rides. In such a way, individuals with GPS spoofing tools could be compensated without leaving one spot.
In other cases, drivers used spoofing apps to simulate their position in a location with many customers while in fact, they were far away. In such a way, spoofing chauffeurs were able to locate themselves virtually in better places than honest drivers who were physically positioned in those locations and “pilfer” their clients.
This example demonstrates that GPS spoofing is a genuine threat that can cause financial damages to businesses and a company’s workforce. Given that spoofing tools are easy to access and can be legally purchased for relatively low prices, GPS spoofing of mobile apps may become more precarious in the future.