Fake or malicious apps are designed to deceive users into infecting their devices with malware. You might think the app is legitimate and helpful, but criminals have cleverly designed it to seize your data and spread the infection. Fake apps are a growing problem, made all the worse by their presence in popular app stores.
In this article, I will highlight some of the easiest ways of spotting these fake apps in app stores. I’ll list the steps you can take to remove a suspicious application from your phone and share easy, practical cybersecurity tools to protect your devices.
Checklist for Spotting Fake Apps on the App Store
Despite becoming more sophisticated, fake apps often share common characteristics on the app store. This makes identifying them relatively easy. Below are six red flags to keep in mind:
1. Check Names Carefully
The first thing you must do with any potential download is carefully check the app’s name and developers. Often, criminals copy well-known brands to trick you into thinking their app is somehow associated.
An example of this is the ‘Update WhatsApp Messenger’ app, which in 2017 was downloaded over one million times by trusting users. The hackers used a special character that looked like a blank space to trick users into thinking it was related to the official WhatsApp app. Those who downloaded the app were spammed with adverts asking them to download more malicious programs.
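The blank-looking character trick described above can be caught by comparing names after Unicode normalization. The following is an added example, not code from the original article: the trusted-name list and sample inputs are constructed, and the function names are hypothetical.

```python
import unicodedata

# Trusted publisher names to compare against (constructed list for this example).
TRUSTED = ["WhatsApp Inc.", "Netflix, Inc."]

def suspicious_chars(name):
    """Return (index, code point, Unicode name) for characters that render blank or invisible."""
    hits = []
    for i, ch in enumerate(name):
        cat = unicodedata.category(ch)
        # Cf = invisible format characters (zero-width space, joiners, ...)
        # Cc = control characters
        # Zs other than U+0020 = lookalike spaces (no-break space, en space, ...)
        if cat in ("Cf", "Cc") or (cat == "Zs" and ch != " "):
            hits.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return hits

def skeleton(name):
    """Canonical form: NFKC fold, drop invisible characters and whitespace, casefold."""
    folded = unicodedata.normalize("NFKC", name)
    kept = [c for c in folded
            if unicodedata.category(c) not in ("Cf", "Cc") and not c.isspace()]
    return "".join(kept).casefold()

def check_name(candidate, trusted=TRUSTED):
    """Classify a store listing name against the trusted list."""
    hidden = suspicious_chars(candidate)
    for real in trusted:
        if candidate == real:
            return {"verdict": "exact-match", "imitates": None, "hidden": hidden}
        if skeleton(candidate) == skeleton(real):
            # Same on screen, different string underneath: impersonation signal.
            return {"verdict": "lookalike", "imitates": real, "hidden": hidden}
    verdict = "suspicious-characters" if hidden else "no-match"
    return {"verdict": verdict, "imitates": None, "hidden": hidden}

if __name__ == "__main__":
    # Constructed inputs: trailing no-break space, embedded zero-width space, genuine name.
    for sample in ["WhatsApp Inc.\u00a0", "Whats\u200bApp Inc.", "WhatsApp Inc."]:
        print(repr(sample), check_name(sample))
```

This check covers invisible characters and compatibility forms such as fullwidth letters; letters borrowed from other scripts (for example Cyrillic lookalikes) need a separate confusables mapping.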
2. Strange Customer Reviews
User reviews are your gateway to discovering what the app does and how well it performs. But there are some things to be mindful of when checking reviews.
Nowadays, hackers can inflate ratings and reviews to make apps seem popular and trustworthy. So, what should you watch out for?
When checking reviews, look for a balance of opinions that share examples and highlight detailed features of the app. Falsified reviews are often overly positive about the app while staying vague about what makes it great. They use generic language and may be posted in bulk alongside similar ‘copy & paste’ style reviews.
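Bulk ‘copy & paste’ reviews can be surfaced automatically by measuring how much wording reviews share. The following is an added example, not part of the original article: it clusters near-duplicate reviews using three-word shingles and Jaccard similarity, and the sample reviews and the 0.5 threshold are assumptions chosen for illustration.

```python
import re
from itertools import combinations

def shingles(text, k=3):
    """Set of k-word shingles from lowercased text, punctuation ignored."""
    words = re.findall(r"[a-z0-9']+", text.lower())
    if len(words) < k:
        return {tuple(words)} if words else set()
    return {tuple(words[i:i + k]) for i in range(len(words) - k + 1)}

def jaccard(a, b):
    """Shared shingles divided by total distinct shingles (0.0 to 1.0)."""
    return len(a & b) / len(a | b) if a | b else 0.0

def duplicate_clusters(reviews, threshold=0.5):
    """Group indices of reviews whose wording overlaps at or above the threshold."""
    sets = [shingles(r) for r in reviews]
    parent = list(range(len(reviews)))  # union-find forest over review indices

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path compression
            x = parent[x]
        return x

    for i, j in combinations(range(len(reviews)), 2):
        if jaccard(sets[i], sets[j]) >= threshold:
            parent[find(j)] = find(i)

    groups = {}
    for i in range(len(reviews)):
        groups.setdefault(find(i), []).append(i)
    # Only clusters with more than one member indicate copied text.
    return sorted(g for g in groups.values() if len(g) > 1)

# Constructed sample reviews: three near-identical generic ones, two specific ones.
REVIEWS = [
    "Best app ever, works great, five stars, highly recommend to everyone!",
    "Best app ever works great five stars highly recommend to everyone",
    "best app ever, works great, five stars, highly recommend to all!!",
    "Radar map loads slowly on my Pixel 6, but hourly rain alerts were accurate all week.",
    "Widget stopped updating after the March update; support replied within a day with a fix.",
]

if __name__ == "__main__":
    print(duplicate_clusters(REVIEWS))
```

A large cluster of generic, near-identical five-star reviews is the signal to weigh; the two detailed reviews in the sample stay unclustered because they share no wording.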
3. Strange Permission Requests
When you download an app, you must grant it specific permissions for it to function. Before clicking ‘Yes’ to every request, be mindful of what you’re allowing.
That’s because malicious apps will often try to gain access to several essential functions of your device that contain sensitive information. They may want to read and send messages, read your location data, or even use your camera and microphone.
Permissions should always relate to the function of the app. If a weather app asks for permission to access your phone book, this should be a significant warning sign. The app shouldn’t need this information to work, so it should be removed as soon as possible.
4. If It’s Too Good to Be True – It Probably Is
Fake apps will often promise amazing deals to trick you into downloading them, including access to free content or discounts. Unfortunately, these are almost always fake, tricking you into lowering your guard and downloading the app.
An example of this was FlixOnline, which in 2021 conquered the app stores by promising users free subscriptions to Netflix. Once downloaded, the app began monitoring and sending WhatsApp messages to spread its infections and creating “fake overlays” on websites to steal login information.
5. Check the Descriptions of the App
Descriptions, like text and screenshots, are essential to learning about what an app can do before downloading. But you should be extra vigilant when reading this information, as fake apps will mislead you.
In particular, you should check the text for typos, grammatical errors, and strange use of language. Vague or generic descriptions that don’t highlight unique features are also best avoided.
Examine the quality and authenticity of screenshots, as fake apps sometimes will try to imitate popular apps, including their logos, but with slight variations, to push you into downloading them. If you can’t trust the validity of the text or images, then you most likely cannot trust the app itself.
6. Research the Developer and App
As well as researching the app, you should learn more about the developers, especially those you are unfamiliar with. Search their website or any active social media channels to verify claims made in the app description.
Especially if the app has low download records, it’s a good idea to look for other sources to strengthen its claims and reputation, such as review articles, interviews, and more. Ask yourself:
- How long has the developer been involved in the industry?
- Does their website match their claims?
- Is the developer active on social media?
- Have they created other apps? And how well were they received?
What to Do if an App Is Malicious?
There are several signs that you have a malicious app installed on your phone, including losing battery quickly, overheating, spikes in data usage, slow performance, and being spammed with adverts.
If you think an app is misbehaving, do the following:
- Reboot in safe mode.
- Uninstall the suspicious app in question.
- Clear your downloads folder.
- Update your device.
- Install and perform an antivirus scan.
Ways to Prevent Installing Malicious Apps
When it comes to cybersecurity, prevention should always be the goal. Below are some easy tools and tricks to remember when installing new apps onto your phone.
Use Cybersecurity Tools
Several tools can help protect you from fake apps and websites. Antivirus software, for example, can monitor apps on your phone and flag suspicious activity that might harm your smartphone’s performance.
You may also consider using a password manager to create, encrypt, and enter complex passwords into websites, preventing fake apps from harvesting sensitive login information.
Finally, a virtual private network (VPN) is another cybersecurity essential. It encrypts your internet connection, thus preventing prying eyes from intercepting your data. A VPN for Android offers the same level of encryption and protection as on your PC, including warning you when visiting fraudulent websites that may offer fake apps on your smartphone.
Only Use Legitimate App Stores
Although trusted app stores can fall victim to fake apps, many safety and security controls are in place to protect users. And if something suspicious is detected, they will alert you.
The Google Play Store, for example, has a built-in malware detection service, Play Protect. This service scans devices and notifies you if suspicious behavior has been detected.
5 Things to Remember About Fake Apps
Every day, new apps emerge that threaten the security of users online.
If in doubt, remember:
- You should only download apps from trusted sources, such as the App Store or Google Play Store.
- Regularly update your smartphone and apps to avail of the latest security protections.
- Before downloading an app, check customer reviews for an accurate depiction of performance.
- Check app permissions carefully before clicking Yes. Remember, the request should match the app’s function.
- Uninstall any applications that you aren’t using.