How to spot and avoid fake apps
What are fake apps?
Fake apps are apps created by cybercriminals to cause harm to users and their devices. They are designed to resemble legitimate apps but instead carry out malicious activities. These include monitoring what you do on the device, installing further malware, showing intrusive ads, or stealing your personal information.
How do fake apps work?
Fake apps can be distributed in various ways. They can be hosted on third-party app stores or fake app stores. Cybercriminals can even use official app stores to distribute fake apps, despite the security measures in place.
A cybercriminal can register as a developer on an app store, take a copy of a legitimate app, repackage it with malicious code added, and upload the result under the original name or a look-alike name.
While Google says it reviews all apps and developers, it is still possible for malicious apps to appear in the Google Play Store. Google regularly removes fake Android apps from the Play Store, including fake antivirus tools, browsers, and games. Apple's App Store only allows vetted applications, but it too is reported to host fake apps from time to time. From the attackers' point of view, mobile devices are ideal targets: they travel almost everywhere with their owners, they contain details about their owners' private lives, and an infection is often hard for the owner to notice.
Sometimes, fake apps are circulated through social engineering campaigns. For example, scammers may use emails or SMS messages that appear to be from your bank, credit card company, or another familiar brand to trick people into downloading applications that will compromise their data. A fake app may also be presented as an Android system update or a security update; following the link installs the malicious app rather than any update, and your information is stolen.
There are many third-party app stores, i.e., non-official stores. These typically carry a higher concentration of malicious apps than Google Play or Apple's App Store, because they review submissions less rigorously, if at all.
Types of fake apps
Fake apps fall into two broad categories:
Counterfeit apps: These are fake apps that imitate a real one. They may feature a logo, screenshots, and artwork similar to the app they are trying to copy. The description may be stuffed with keywords that the average user might use when searching for the genuine version of the app. The name may sound similar to the original but contain a changed letter or two.
Repackaged apps: Sometimes, developers make their apps open source, which means the source code is accessible and can be modified by anyone. Taking an open-source app and repackaging it, for example by adding ads, is much easier than developing your own app. Depending on the licence this may be permitted (open-source licences generally allow modification, although many still require attribution, and using the original app's name or logo may infringe its trademark), but the added ads are annoying to the end user, and the repackager may bundle far worse than ads. These types of apps can be challenging to spot.
Fake app threats
While some are merely annoying, fake apps are often dangerous. Common types include:
Ad-injecting apps: repackaged apps often come with ads that the legitimate version doesn't have, and your phone might start showing unexpected ads outside the app as well.
Billing fraud occurs when fake apps automatically charge purchases to your phone bill without your consent. These could include making collect phone calls, sending premium SMS messages, or making purchases in an app store.
Botnet apps covertly use the smartphone as part of a DDoS (distributed denial of service) attack, for mining cryptocurrency, or for sending spam.
Apps with inappropriate content can take various forms; a typical example is a fake app that includes hate speech or violent material.
Hostile downloaders are apps that don't themselves contain malicious code but initiate the download of other harmful applications onto your device without your consent.
Phishing apps direct you to enter your login credentials in the app or on a website it opens (which may also try to infect your device). Criminals then use the stolen credentials for fraud or sell them on.
Privilege escalation apps exploit flaws in the operating system to obtain privileges beyond those granted to a normal app. This can give them root-level access or allow them to disable core security functions.
Ransomware apps encrypt your data so it becomes unreadable. To regain access to your data, the attackers demand payment.
Rooting apps contain code that roots the device (the iOS equivalent is jailbreaking). Not all rooting apps are harmful, and legitimate rooting tools exist, but genuine ones require explicit user consent and don't carry out harmful actions against your device.
Spam apps contain code designed to send unsolicited messages to your contacts or involve your device in an email spam campaign.
Spyware apps send personal data to third parties without your consent. Exfiltrated data may include text messages, call logs, contact lists, email records, photos, browser history, your GPS location, or data from other apps on your device.
Trojan apps are those that seem harmless, such as a simple game, but secretly perform undesirable actions in the background. They include a benign component that allows the app to function as intended and a hidden harmful component, such as sending premium SMS messages from your device without your knowledge.
How to spot fake apps
Check the reviews:
If an app has a low rating and numerous user complaints, be wary. However, a wall of uniformly glowing, generic reviews can also be a red flag, since fake-app creators often buy or generate fake reviews to trick users into downloading their app. Read a few recent reviews rather than relying on the star rating alone; if they sound too good to be true, trust your instincts and look for an alternative.
Look out for grammar mistakes:
Legitimate app developers will usually take care to avoid typos and errors in their app descriptions. If you spot grammatical errors in the app description, tread carefully.
Check the number of downloads:
Legitimate apps can have millions or even billions of downloads. If you see a popular app with only several thousand downloads, it could be a fake.
Research the developer:
Search for the name of the developer to find out information about them. This will give you a sense of whether they are reputable or not. Sometimes a counterfeit app uses a developer name almost identical to the genuine developer's, with one or two letters changed to trick users into believing it is the real deal. Look closely at the details, especially if there are other reasons to be suspicious.
Check the release date:
When was the app released? A very recent release date combined with a high download count is suspicious, because legitimate apps with millions of downloads have usually been on the market for a while. If you know the genuine app, compare its release date with the one you are looking at.
Review the requested permissions:
Check the permissions the app requests before you install it, and again when it prompts for them at runtime. Fake apps often ask for authorizations that are not necessary for what the app claims to do, for example a flashlight or wallpaper app that wants to read your SMS messages or contacts. This easily goes unnoticed because most people don't read the fine print.
Check the update frequency:
An app that is updated unusually often, with vague or missing release notes, may be unstable or churning through bug and security fixes. The opposite is more common and more dangerous: an app that hasn't been updated for a long time may contain known, unpatched vulnerabilities.
Check the icon:
Fake apps may display an icon that looks similar to the icon of a real app it is copying. This is often the case with game imitators that mimic popular games. Look closely and don’t be deceived by distorted, lower-quality versions of the real icons.
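Several of the checks above (look-alike app and developer names, download count versus release date, permissions the app has no business asking for) can be automated against a listing's metadata. The following Python script is an added example, not code from the original article or from Kaspersky; the app names, developer names, listings, the confusable-character table and the sensitive-permission set are all constructed for illustration, and the thresholds (90 days, one million downloads, one or two character edits) are assumptions you would tune for your own reference list.

```python
"""Heuristic checks for counterfeit app-store listings (added example).

Not part of the original article. Every listing, developer and app name below
is constructed for illustration; the confusable table and the sensitive
permission set are small, assumed subsets, not exhaustive lists.
"""
from datetime import date
from typing import Optional

# Glyphs commonly swapped into look-alike names (assumed subset).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "|": "l", "\u0131": "i",
}
# Android runtime permissions worth a second look (assumed subset).
SENSITIVE_PERMISSIONS = {
    "READ_SMS", "SEND_SMS", "RECEIVE_SMS", "READ_CALL_LOG", "READ_CONTACTS",
    "ACCESS_FINE_LOCATION", "RECORD_AUDIO", "CAMERA", "SYSTEM_ALERT_WINDOW",
    "REQUEST_INSTALL_PACKAGES", "BIND_ACCESSIBILITY_SERVICE",
}
# Constructed reference list: genuine app name -> genuine developer name.
KNOWN_APPS = {"AcmePay": "Acme Payments Inc.", "SnapTalk Messenger": "SnapTalk Ltd"}


def normalize(name: str) -> str:
    """Lower-case, fold confusable glyphs, drop non-alphanumerics: 'Acme-P4y'
    and 'AcmePay' (or a Cyrillic 'а' in place of Latin 'a') compare equal."""
    folded = "".join(CONFUSABLES.get(ch, ch) for ch in name.lower())
    return "".join(ch for ch in folded if ch.isalnum())


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(candidate: str, known: list, max_edits: int = 2) -> Optional[str]:
    """Return the known name that `candidate` imitates, or None if it is either
    an exact genuine name or not close to any. Short names get a tighter
    threshold so that unrelated short names do not collide."""
    if candidate in known:
        return None
    norm = normalize(candidate)
    for k in known:
        nk = normalize(k)
        allowed = max_edits if len(nk) > 6 else 1
        if edit_distance(norm, nk) <= allowed:
            return k
    return None


def assess_listing(listing: dict, today: date) -> list:
    """Apply the article's listing checks and return the warnings raised."""
    warnings = []
    name, dev = listing["name"], listing["developer"]

    # Counterfeit: name close to a known app but not published by its developer.
    target = lookalike(name, list(KNOWN_APPS))
    if target and KNOWN_APPS[target] != dev:
        warnings.append(f"name '{name}' imitates '{target}' (genuine publisher: {KNOWN_APPS[target]})")
    elif name in KNOWN_APPS and KNOWN_APPS[name] != dev:
        # Genuine name, wrong publisher: is the developer name itself a look-alike?
        kind = "a look-alike of" if lookalike(dev, [KNOWN_APPS[name]]) else "not"
        warnings.append(f"developer '{dev}' is {kind} the genuine publisher '{KNOWN_APPS[name]}'")

    # Download count that no genuinely new app reaches in its first weeks.
    age_days = (today - listing["released"]).days
    if age_days < 90 and listing["downloads"] >= 1_000_000:
        warnings.append(f"{listing['downloads']:,} downloads only {age_days} days after release")

    # Sensitive permissions beyond what the app's stated purpose needs.
    excess = (set(listing["permissions"]) & SENSITIVE_PERMISSIONS) - set(listing["needs"])
    if excess:
        warnings.append("unjustified sensitive permissions: " + ", ".join(sorted(excess)))
    return warnings


# Constructed listings: a counterfeit, the genuine app, and a developer-name imitation.
SAMPLE_LISTINGS = {
    "counterfeit": {"name": "AcmeP\u0430y", "developer": "Acme Pay Apps",
                    "downloads": 1_500_000, "released": date(2024, 5, 2),
                    "permissions": ["READ_SMS", "SEND_SMS", "CAMERA", "INTERNET"], "needs": ["CAMERA"]},
    "genuine": {"name": "AcmePay", "developer": "Acme Payments Inc.",
                "downloads": 10_000_000, "released": date(2019, 6, 1),
                "permissions": ["CAMERA", "INTERNET"], "needs": ["CAMERA"]},
    "fake_publisher": {"name": "AcmePay", "developer": "Acme Payments lnc.",
                       "downloads": 20_000, "released": date(2023, 1, 10),
                       "permissions": ["INTERNET"], "needs": []},
}


def run_samples(today: date = date(2024, 6, 1)) -> dict:
    """Assess every sample listing; returns {label: [warnings]}."""
    return {label: assess_listing(l, today) for label, l in SAMPLE_LISTINGS.items()}


if __name__ == "__main__":
    for label, found in run_samples().items():
        print(f"{label}: {found or ['no warnings']}")
```

The counterfeit listing trips all three checks (a Cyrillic "а" in the name, 1.5 million downloads a month after release, SMS permissions a payment app's camera-scanning feature does not need), the genuine listing trips none, and the third shows the developer-name trick from the "Research the developer" check: a lowercase "l" standing in for the "I" in "Inc." is one edit away from the real publisher. In practice the reference list would be the apps your organisation actually approves, and the thresholds would be tuned against real store data.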
How to protect yourself from fake apps
If you discover a fake app on your phone, protect yourself by:
- Uninstalling it
- Restarting your phone
- Running a scan with a reputable mobile security product
- Changing the passwords of any accounts you signed into through the app, since a fake app may have captured them
- Reporting the fake app to the relevant app store to protect others
Other steps you can take to protect yourself from fake apps include:
- Think before you download – only choose apps that will be useful to you.
- Be mindful of where you download apps from:
- Go to official app stores where possible.
- If you are looking for a particular app, use a reputable search engine to search for it, but bear in mind that scammers can buy search ads too; prefer results that lead to the developer's own site or official store page.
- If you are looking for a popular app, visit the developer’s official website and look for a link to it there.
- Always check the app details before you download to filter out fake or malicious apps – look at who the developer is, user reviews, number of downloads, and so on.
- Never click on links with promises that are too good to be true. If you are an Android user and you receive an unexpected SMS, a strange alert or notification, or unusual requests from what may seem to be your bank or another familiar brand, proceed with caution.
- Read the small print and review what permissions are requested by apps you download.
- Familiarize yourself with the security features installed on your mobile devices.
Kaspersky can protect you from all major online threats, including malware, spyware, and trojans. Find out how Kaspersky can help you stay ahead of cybercriminals: