Criminals design fake apps to look and feel like legitimate apps but with a sinister motive. They often contain malicious code that compromises devices, steals information, and spreads to other users.
What’s worrying about this emerging cyber threat is that many fake applications can appear on verified and trusted app stores and sites because of low entry barriers.
Researchers found that Trojan apps featured on the Google Play and Samsung Galaxy stores earlier this year. These apps, named Signal Plus and FlyGram, spied on users and could collect sensitive information like call logs, locations, SMS messages, and more. While the app stores removed them, thousands of users had already downloaded and begun using them, exposing countless users.
5 Red Flags That You’re Downloading a Fake App
As scary as fake apps might seem, there are ways of protecting yourself from these fake apps – by looking out for common red flags. Below are some red flags you should be aware of:
1. Check Customer Reviews:
Customer reviews are a great way to verify an app, but you must know what to look for. That’s because modern-day criminals can inflate app store ratings and spam overly positive reviews with artificial intelligence, making an app appear trustworthy and popular.
In 2017, an app called ‘Update WhatsApp Messenger’ was downloaded over one million times, as users assumed it was a legitimate WhatsApp application. Instead, it spammed users with advertisements. The app had a 4.2-star rating and glowing reviews, all of which proved to be false.
When checking reviews, be wary of reviews that:
- Use plain, generic, or repetitive phrases
- Are overly positive of the app without being specific
- No mention of the app’s features
- Have identical reviews to previous customers
- Appear to be posted in quick succession from each other
2. If It’s Too Good to Be True – It Probably Is
Cybercriminals often promise outstanding services, discounts, and free features to entice you into downloading them. But all these apps will do is scrape your data, infect your device, or try to steal your money.
If it’s too good to be true – it probably is. An example of this was an app called FlixOnline, which promised users two months of free Netflix Premium upon download from the Google Play Store. But the app was, in fact, malware, which monitored user activity and sent pre-set advertisements to contact books.
3. Research the Developer
Because the barrier to entry into the app market is low, cybercriminals may often create new developer names to try and trick you. They’ll copy well-known and reputable brands and logos to cash in on brand loyalty.
Inspect the developer’s name before downloading an unfamiliar app, and see if any letters or numbers are substituted. If it is an unknown name, check their website and read their history – have they made other apps? How were they received? Do they release regular updates?
4. Check Permissions
You should always limit permissions to the bare minimum that allows the app to serve its purpose. There is no logical reason to grant an app access to your files, folders, camera, or phone book if it simply doesn’t use them.
For example, if you download a calculator app, but it is then asking for permission to see your Contact Book or use your camera, you have every right to be suspicious. It doesn’t need this information to work, so it should be denied and deleted as soon as possible.
5. Regularly Monitor Apps
Even after downloading an app and using it for some time, you should always be vigilant about its performance. Some things to take into consideration include:
- Does the app drain your battery quickly?
- Is there a spike in data consumption?
- Does the app crash frequently?
- Are there pop-ups? Or other strange apps downloaded without your consent?
Two Easy to Stay Safe When Downloading New Phone Apps
Prevention is the best defense against any form of cyberattack. And there are two easy principles and tools to use to defend yourself against downloading fake apps:
1. Use a Virtual Private Network
A VPN is an excellent cybersecurity tool to protect your information and block malware. It does this in a variety of ways. Firstly, a VPN disguises your IP address, making it impossible for hackers to track you.
Many premium VPNs will also flag and block malicious websites and downloads before you click on them, thus preventing infection from occurring in the first place.
2. Only Use Verified Sources
Although we’ve said that official marketplaces can still contain fake apps, they are still the safest place to download from. That’s because if they discover a suspicious app, they will act swiftly and remove it.
On the other hand, third-party websites may not have the same (or any) quality controls to protect users from harm. Some websites are created to offer fraudulent apps and spread viruses, where the download link or button tricks you into downloading something else entirely.
