Apps are useful tools, but not all of them are secure. Fake apps can also be difficult to detect. So, before you click the download button, look for these red flags.

Shine Your Eye: The How-To Guide For Spotting Fake Android and IOS Apps

(Alt Text: person-using-a-smart-phone)

In today’s digital world, there appears to be an app for everything, and why not? Apps make your life easier, from the well-known Netflix (and Chill) app, which brings the cinema experience into your home, to productivity apps, which can help you manage your course workload like a pro.

However, app life can be difficult to navigate. Not only do you have far too many options to choose from, but not all apps are safe. What if that language training tool isn’t exactly what it appears to be?

The worst part is that they (fake apps) aren’t always easy to detect. To avoid them, you’ll need to know what to look out for, aka shine your eye.

Fortunately, we can provide you with some tips to help you tell the difference between genuine and fake apps.

But first and foremost:

What is a Fake App?

A fake app is any mobile (or web) application that is designed solely to fool you into thinking it is a legitimate app. In other words, they are designed to look like the actual app you were looking for, but once you download it, it is used as an access tool by threat actors (a fancy way of saying cybercriminals) to invade your privacy and steal from you.

Whether that takes the form of:

A Ransomware: a virus that locks up your phone with the hackers demanding that you pay in order to get it unlocked.

A Downloader: where the app itself won’t do anything overly malicious but will download stuff that will, opening the door for something sinister. 

A Phishing Attack: this usually happens in one of two ways, you may be redirected to a website or asked on the fake app’s homepage to enter your login information. Nothing out of the ordinary, but because it is cyber criminals at the other end of a phishing attack, your data can be stolen and used in cybercrimes such as identity theft.

A Trojan Attack: this is often done by burying malware in the code of a real-looking app that grants hackers a way into your device, for example, the hacked version of Facebook Lite that was used to steal user data.

Of course, there are other ways cybercriminals can use fake apps for their sinister purposes, but these are by far the most popular. 

 

Types of Fake Apps

Fake apps can take any form, from fake banking apps (think the phishing attack we described earlier) to an app that mainly works as you expected but is also stealing your data on the side. 

However, regardless of the form they take, they typically fall into one of the three categories below:

1. The Retooled

The Retooled is a type of fake app that is created from an open-source (free-for-all) app and repackaged. In most instances, they are used by their creators to drum up money from Ads as they are much more manageable than developing your own app. But they can still be a nuisance and, on rare occasions, be used for a more malevolent purpose like phishing.

       2. The Duplicate

The duplicate will try to appear as similar to the original app as possible, confusing you looking for the real thing. Here’s an example of a VLC player pretender.

      3. The Knockoff

Those who can’t create, imitate, and who better to do this than cyber criminals who want to spend their day lounging beside a tasty plate of jollof rice bought with their ill-gotten gains from preying on unsuspecting web users (which won’t be you at the end of this piece).

It may be the sincerest form of flattery, but it’s also an all-too-common thing on the app store. Even today, Angry Birds’ rip-offs outnumber official Rovio apps on the Google Play Store.

 

Choose Your Warrior: How to Spot a Fake App 

The good news is that not all fake apps are as elegantly developed as the Facebook Lite trojan we mentioned earlier. A lot of them are really simple in form, and if you know what to look out for, you’ll be able to spot them out in a sea of apps so you can gingerly jump right over them – thereby avoiding the gutter mess they symbolize. 

Here’s how you do it in six steps:

1. Examine the Icon aka Spot The Difference 

Fake apps frequently have an icon that is similar to or reminds you of the real thing’s icon. In this case, “real thing” refers to the most popular apps in a category, such as VLC and MX media player in the video-playing app category. This is also common with game counterfeiters who mimic popular games such as Angry Birds.

 

Real Angry Birds Logo

Imitation Angry Birds Logo

In other words, apps that simply want to duplicate an existing app will typically have an altered, lower-quality interpretation of the original icon. Keep an eye out for this sign.

 

2. Typos in The App’s Name Tell a Tale

Remember how we talked about fake app creators imitating popular apps in order to deceive the general public? 

Fake app developers are known for giving apps the same name as their genuine counterparts, oftentimes only changing a letter or two in the hopes of it going unnoticed and getting as close to the name of the actual app as possible without being a copy.  

So, when conducting your search, always pay close attention to the app title; read each letter and look out for misspellings. If you notice a typo, this is a red flag. You should also do the same if the app name appears to be formatted incorrectly. 

 

3. The Developer’s Name Will Lead You in the Right Direction

Investing a little extra time in researching the developer of any app you’re considering downloading may appear time-consuming. Still, it’s a small price to pay to avoid cyber attacks by fake apps. A quick Google search can reveal a developer’s reputation and whether or not they’re a reliable source.

To find the developer’s details on the app store:

• Open your Play Store app
• Browse or search for the app
• Tap the app icon to open its detail page
• Tap “About This App”
• Scroll down to the bottom of the page to review the app info; you’ll find the developer/creator name next to the phrase “offered by”

Big-name developers create big-name apps. If you’re about to download a popular app but can’t find anything positive about the developer, it’s a clear indication that you should abandon the mission.

 

4. The Download Count Speaks Volumes

It’s simple: a legitimately famous app will have tens of thousands, millions even, of downloads. So, unless you’re on the hunt for a certain niche app (say, for herpetology), it should have a lot of downloads.

If it doesn’t, run! 

5. Ratings and Reviews are Important 

Sure, fake apps will have some phony ratings and reviews. But apps that don’t deliver on what they market or don’t work (for example, an app marketed as a game but functions more like wallpaper collections than the game it impersonated) will have real negative reviews and is definitely not worthy of your time.

 

6. Pay Close Attention to the Permissions Request

If the above points are correct and you download the app, be vigilant of what phone access permissions you are asked to grant. Are they logical in relation to the app you downloaded?

Why would a document scanner, for example, want access to your microphone? Why does an Angry Birds replica require your GPS coordinates? Such requests are all indicators of a phony app. You should delete it right away. Because it is a Rooster if it walks and crows like one.

Pro Tip: Now that you know how to spot a fake app, we recommend performing an audit of all the apps on your phone to ensure that no fake apps are present.

 

What Should You Do If You Find a Fake App on Your Phone?

 

• Delete it right away.

 

• Reboot your phone.

 

• Use an antivirus to clean up your phone 

 

• Report the fake app on the app store.

 

Do Not Fall for Fake Apps

Protecting your phone is becoming increasingly crucial as it contains an increasing portion of our lives – particularly apps.

Unfortunately, fake apps aren’t going away (at least not as a notion – individual apps are often compromised), so you must stay vigilant. Before downloading any apps, go through the steps outlined in this article. In short, bookmark this piece in your browser and use it as a reference so you don’t miss a step.

Finally, in the spirit of Ubuntu, please share this article with those you care about. After all, they, too, deserve a phone free of fake apps!