Just because you’re downloading your app from an official store doesn’t make it safe.

It’s been said that education is your sword. All of the technological advances in today’s world have made life easier than ever, but more of our private information has been exposed because of it. However, knowing the risks, red flags and preventative actions can help arm you. There hasn’t been a lot of news reporting the issue of fake applications, but it has been relevant for the past 5 years and continues to cause problems for both individuals and businesses; especially for those using their smart phone for personal and work purposes.

In 2017, the Google Play Store deleted over 700,000 fake applications that contained malware and other invasive software. When a user downloads a fake application, a number of things can happen depending on the intentions of the hacker. Certain apps will download malware onto your phone, allowing the hacker to see everything that you perform on your screen. They can then gather credentials, banking information, email access and acquire other sensitive information. It’s been reported that hackers have also gained access to cameras and photos, and have sent text messages through the hijacked phones. Some fake developers will produce false advertisements and heavily push them to consumers so that they can pocket the revenue.

These fraudulent applications can be circulated through social media, third party and official app stores. Even though it is more secure downloading an app from an official store, such as Apple App Store or Google Play Store, there are still many fake ones that slip through. These criminals can create fake apps for popular companies that don’t actually have an existing app. They will also clone existing apps in order to reengineer them with malicious coding and then repackage them. These cloned apps will replicate the original one’s functions while running malware, or performing some other invasive attack in the background.

This is where education becomes important.

Signs of a fake app:

Misspelt words and/or bad grammar

Read over the app description to check for these red flags. You will also want to double check the developer name and title for these signs. Be aware that some of them are extremely small and intentionally made to be unnoticeable. As in the case with WhatsApp where a fake developer added a miniscule Unicode character space after their ID. This red flag was so small that over 1 million people downloaded it from the Apple and Google app store before it was discovered and deleted.

Reviews and Downloads

Just to be safe, it’s ideal to do a quick search of the app, and the developer, online before downloading it. If there is a fraudulent app out there, someone might have publicized the scam. When checking the customer reviews within the app store, make sure they aren’t short and generic, as some fake developers will quickly write something up themselves. Check the number of downloads the app claims to have. The higher the number the more likely it is to be safe. You can also visit the company’s website to see if the app is available that way.

Permissions

If you are presented with an extended list of permission requests, this is a warning flag. The goal is to create a feeling of overwhelm so that the downloader just clicks on yes to make it stop. Common sense is helpful here as a flashlight app should never require administrator permission.

 

 

According to Norton, “Security or software update notifications can be a bit trickier to decipher. Often users receive a prompt to install an urgent security update. Your best action in this scenario would be to search online to find out information about that update. If there are multiple discussions online about that specific security update, that can confirm if it is genuine.”

There are plenty of security software options for your phone that you can purchase. One of the top rated ones is Norton Mobile Security App Advisor. It allows users to examine the behavior of an app before downloading it. The software will scan the apps to seek out features that use an unnecessary amount of data or battery life, and display pop up ads or other intrusive behavior. Lastly, it can also identify if an app has any malicious characteristics or carries malware. Another great option, if you are looking for something on a business level, is Dell SecureWorks.

If you have questions about Dell SecureWorks or other security options for your business, please contact us:

Contact Us

  • This field is for validation purposes and should be left unchanged.

References:

https://www.komando.com/tips/434061/fake-malware-apps-how-to-spot-and-delete-them

https://www.guardsquare.com/en/blog/fake-mobile-apps-growing-threat

https://us.norton.com/internetsecurity-how-to-how-to-spot-a-fake-android-app.html

https://lifehacker.com/how-to-spot-fake-apps-in-apples-app-store-and-google-pl-1821428717