App life is a hard life. Not only do you have way too many choices for the tool you need, you also have to be careful not to download a fake app. How is a regular person supposed to cope with all this? Luckily, we can provide you with some pointers that will help you separate fake apps from genuine ones.
What is a fake app?
A fake app is an app made to look like the actual app that you wanted but is really a way for threat actors (that’s a cool way to refer to criminal types) to mess with you. Fake apps can take any form, from an app that mostly works as you expected but is also stealing your data on the side, to the fake banking apps made to steal your logins that the FBI warned us all about in 2020.
What are the types of fake apps?
I’m glad you asked!
Fake app formats
The Clone | The Counterfeit | The Repackage |
---|---|---|
The app will try to appear as similar to the original app as possible, confusing people looking for the real thing. Here’s an example of a VLC player pretender. | Imitation may be the sincerest form of flattery, but it’s also an all-too-common thing on the app store. Even today, Angry Birds rip-offs outnumber official Rovio apps on the Google Play Store. | Taking an open-source app and repackaging it with ads and other annoying nonsense is much easier than developing your own app. |
Fake app threats
Threat | What it does |
---|---|
Botnet | The app will secretly use the smartphone to take part in a DDoS (distributed denial of service) attack, mine cryptocurrency, or send spam. |
Trojan | This infection buried in the code of a legitimate-looking app allows access to your device, like the compromised version of Facebook Lite that stole user data. |
Ad bots | Repackaged apps commonly come with ads the legitimate free version doesn’t have, and your phone might start showing unexpected ads as well. |
Ransomware | This is usually something that viruses do: it locks up your phone until you pay hackers a ransom to get it unlocked. |
Hostile content | This can cover many things, but the purest definition would be an app that displays inappropriate content (like violence, hate speech, and so on). |
Phishing | The app may direct you to input your login data or go to some website to do that (or to infect you via that website), all to steal your data to be used in cybercrimes. |
Downloader | The app itself won’t do anything overly malicious. However, it will download stuff that will. |
Spyware | Why would a calculator app need access to your camera? To spy on you! |
Billing fraud | The app will put charges on your phone bill or even send messages to the hacker’s premium number. |
How to spot a fake app on your phone
Not all fake apps are as sophisticated as the Facebook Lite trojan we mentioned earlier. Most of them are really crude. Here’s how you can spot a fake app on your phone.
1. Inspect the title
The app’s title is likely to have typos in it or just weird formatting to get as close as possible to the name of the actual app without just being a copy. Also, be aware of tricks like using a capital “i” (I) instead of a lowercase “L” (l).
2. Check the icon
Fake apps will try to make an icon that looks close to, or at least reminiscent of, the icon of the real thing. This happens all the time with game imitators that copy stuff like Angry Birds. Meanwhile, apps that just want to copy an existing app will usually have a distorted, lower-quality version of the real icon.
3. Look at the developer
Big famous apps come from big famous developers. Check the developer of the app you’re about to download (or have downloaded already). Are they called the same as the company that developed the app? Or is the name just similar to that of the real developer?
4. Watch the download count
A genuine popular app will have downloads in the tens of thousands, if not millions. So unless you’re looking for a specific niche app (for ornithology, for example), it should have plenty of downloads.
5. Read the reviews and the ratings
Yes, fake apps will have some fake reviews and fake ratings. However, an app that doesn’t work or doesn’t deliver on what it promises (like being a wallpaper collection instead of the game it pretended to be) will have people venting in the comments and downvoting it.
6. Pay attention to permissions
If the previous points checked out and you downloaded the app, be mindful of the permissions you are asked to give. Are they reasonable for the app you downloaded? Like, does an Angry Birds clone really need your location information? Why would a PDF reader need access to your microphone? Requests like that are all signs of a fake app.
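The title, developer, download-count and permission checks above can be expressed as a small script. This is an added example, not part of the original article: the app name, developer, sample listings, similarity threshold and download floor are all constructed assumptions.

```python
from difflib import SequenceMatcher

# Constructed reference record for a genuine app (hypothetical names and values).
GENUINE = {"title": "Example Wallet", "developer": "Example Corp",
           "permissions": {"INTERNET", "CAMERA"}}

# Look-alike characters folded to one form, e.g. capital "I" for lowercase "l".
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "|": "l", "0": "o"})

def skeleton(name):
    """Fold look-alikes, lowercase, and drop spaces and punctuation."""
    folded = name.translate(CONFUSABLES).lower()
    return "".join(ch for ch in folded if ch.isalnum())

def red_flags(listing, genuine=GENUINE, min_downloads=10_000, threshold=0.85):
    """Return the warning signs for a listing that resembles the genuine app."""
    sim = SequenceMatcher(None, skeleton(listing["title"]),
                          skeleton(genuine["title"])).ratio()
    if sim < threshold:
        return []  # not posing as this app, so nothing to compare against
    flags = []
    if listing["title"] != genuine["title"]:
        flags.append("title imitates the genuine name")
    if listing["developer"] != genuine["developer"]:
        flags.append("developer differs from the genuine publisher")
    if listing["downloads"] < min_downloads:
        flags.append("download count too low for a popular app")
    extra = set(listing["permissions"]) - genuine["permissions"]
    if extra:
        flags.append("unexpected permissions: " + ", ".join(sorted(extra)))
    return flags

# Constructed sample listings.
FAKE = {"title": "ExampIe WaIIet", "developer": "Example Corp Ltd",
        "downloads": 1_200,
        "permissions": ["INTERNET", "RECORD_AUDIO", "ACCESS_FINE_LOCATION"]}
REAL = {"title": "Example Wallet", "developer": "Example Corp",
        "downloads": 2_000_000, "permissions": ["INTERNET", "CAMERA"]}

if __name__ == "__main__":
    for name, listing in (("FAKE", FAKE), ("REAL", REAL)):
        print(name, red_flags(listing) or "no red flags")
```

The fake title renders almost identically to the real one in many fonts, yet compares as a different string, which is why the script folds look-alike characters before measuring similarity.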
What to do if you discover a fake app
- Delete it
- Restart your phone
- Run an antivirus app
- Report the fake app to the app store to protect others
You should also use a mobile VPN app as it protects your data and can make you less vulnerable online. To make things easier, you can get a Surfshark One subscription that offers a VPN and antivirus protection in a single package.
Fake apps can and do carry their fair share of malware that hackers use to steal information and cause untold damage to your mobile device.
Don’t fall for fake apps
Fake apps aren’t going anywhere (at least as a concept – individual apps do get exposed), so you must remain vigilant. Protecting your smartphone is ever more important, as it contains an increasingly large part of your life. And if we can end this article with something closer to our heart: when it comes to protecting your mobile browsing, getting a free VPN is basically downloading a fake app.