Mobile apps that promise to deliver Olympics-related news and information, or updates about the Zika virus, typically turn out to have little functionality when they're installed. Other than the malware, that is.
"It depends on how much effort they want to go to," said RiskIQ's Pledger.
With sophisticated, targeted attacks, there might be some real content, usually illegally copied from somewhere else.
"But a lot of times, to be completely honest, these guys are trying to do it as quickly as possible," Pledger said.
The criminals lure people in with spam emails, search engines, and will even buy advertisements.
When the applications are taken down by app store owners or legal authorities, they just pop right back up again.
The fake mobile apps typically are either trying to steal information or to dial toll numbers.
There's also another damaging aspect to some of these scams, said Pleger -- they may be piggy-backing on a legitimate brand and hurting its reputation.
Sign up for CIO Asia eNewsletters.