As mobile phones have become an integral part of everyday life, the need for apps and software has also increased. However, with this another phenomenon has emerged, that of fake apps. Fake apps have become increasingly common.
The McAfee Mobile Threat Report 2019 found that about 65,000 fake apps were detected in December 2018.
As more fake apps crop up, the App Store and Google Play need to enforce strict security measures to ensure the safety of people who use mobile phones.
What are fake apps?
Fake apps are those that pose as a legitimate app but is used to mislead individuals into installing the app. Such apps are dangerous because they trick users into giving away personal information such as credit card information, passwords, etc.
Fake apps have malicious code and are used for phishing on the device to steals passwords to gain access to a user’s bank account. However, most apps use advertisements to earn profits. Apps that mimic legitimate apps are called clones.
Forbes reported a fake app, TinyLab’s QR Code Reader, that reads barcodes. The app charged its users $156 per year in subscription without the users’ knowledge.
Subscription-based fake apps are abundant on the App Store. These apps charge users very high subscription prices. This is a lucrative way of scamming users into paying for a subscription.
According to an estimate by The Economist, half of the top-selling apps on Google Play are fake. The reason why such apps continue to thrive is because of fake reviews and ratings.
Another why fake apps go unnoticed by the average user is because they leverage the popularity of brands. Cybercriminals target users of popular apps or brands. A fake app, ‘Update WhatsApp’ used WhatsApp’s name to trick people into downloading the app and bombarded them with advertisements.
Similarly, another app such as ‘MyGoogleTranslate’ mimicked Google Translate to confuse users into downloading it. Phone monitoring apps that pose as parental monitoring apps can be used to gather information on a user.
These apps used by parents and their children can gather personal information of a user. This information can be used against the user to steal passwords.
Researchers at the University of Sydney, in collaboration with Data61-CSIRO, have discovered about 2040 fake apps that copy some of the popular gaming apps on Google Play such as Hill Climb Racing, Temple Run, and others.
The two-year project discovered counterfeit apps, which included photo editing apps, fitness tracking, and finance managing tools.
According to the research, not all apps were fake, but these apps posed a threat to the user’s privacy by accessing cameras and microphones of the device. But users aren’t the only ones who suffer from fake apps.
Organizations, too, suffer from fake apps that copy their functions. Companies lose users and profits that are rightfully theirs.
How to identify fake apps?
Fake apps on the App Store and Google Play often go unnoticed. Therefore, it is important that users are aware of the presence of such apps so that they can take the following steps to identify fake apps:
- Only download apps from official app stores.
- Go through reviews of the app thoroughly. Do not completely rely on the rating of the app.
- Search for the developers of the app and find out if there are a legitimate company or not. You may need to do some research regarding this.
- Check the description of the app. Grammatical errors and spelling mistakes in the description of the app is a sign that the app is fake.
- Check the icon or logo of the app. Often fake apps that replicate original apps have pixelated or modified icons.
- Look for the number of downloads of the app.
- You should always see app permission before installing the app on your phone.
- Remove apps on your device that are no longer in use, and update your device regularly.
Most users rely on the security and safety measures of the platform to decide the credibility of an app. Apple and Android developers need to consistently review their platforms for fake and malicious apps on their platforms.
Unaware users are likely to fall prey to malicious apps, therefore there is a need to educate users on what is legitimate and what is not.
On Google Play, users can directly report an app which seems to violate the Google Play Developer Program Policies. Users can also flag apps or music as inappropriate. On the App Store, users can report an app by opening the app on the App Store and tapping on it to report to Apple.
Apple has been taking action against fake ratings on counterfeit apps, this is not enough. Despite efforts by Google and Apple to remove fake apps form their platforms, it seems that such apps find their way to users quite easily.
While this may provide a temporary solution to users, Apple and Google need to enforce strict policies that protect their users from malicious apps.