Fake Android Apps Effect on Cybersecurity and How to Spot and Avoid Them

Fake Android Apps : Effect on Cybersecurity and How to Spot and Avoid Them

Lyton atinga

The myriad of benefits mobile applications bring to our lives is undeniable. As we look to make communication and other aspects of our lives seamless, we have inevitably turned to mobile applications. The list of things that cannot be achieved using a mobile app is shrinking by the day. Now, there are more mobile applications than there are mobile devices.

However, like any other popular digital trend, the mobile apps wave has brought its own hues especially in terms of cyber security. The ever opportunistic cyber criminals are now taking advantage of the popularity mobile apps have amassed to accomplish their own selfish deeds. How do they do that? By creating fake Android apps.

What are fake Android apps?

These are basically copycat Android apps that are designed to look exactly like an original in order to trick users into downloading and using them. Scammer usually target popular mobile applications in the play store. They then create similar apps and upload them which tricks users into thinking they are the original apps.
Mobile applications such as WhatsApp, VLC and SwiftKey keyboard have been affected by this vice. For example in 2017, someone created and uploaded to the Google Play Store a fake version of WhatsApp. The app ended up being downloaded by more than one million unsuspecting users. Likewise, a fake version of VLC was downloaded more than 5 million users before anyone realized it was a fake.

When you look at the two scenarios above, you will realize that there are two distinct ways in which fake mobile applications can be created. For the case of WhatsApp, the fake app had a striking resemblance to the original one. Everything from the logo to the developer’s name were the same. That is why it was so hard to distinguish it from the real one.

For the case of VLC, the fake developer did not create an identical app but illegally used VLC’s open source code to create his own media player with a different name. He then loaded it with ads and ended up making a lot of money off the app. That is basically like using the work of a legitimate developer to benefit yourself.

How do fake apps affect cybersecurity?

If you are lucky enough, the fake app might merely bombard you with unnecessary ads in order to make money. This usually happens even when the original app do not ran any apps, like in the case of WhatsApp.
In a worst case scenario, the fake app will install malware on your device and use it to steal your personnel data. In other cases, the apps may be used to track your every move for some fishy surveillance purposes. There are even cases where fake apps secretly take snapshots of what you do. This kind of surveillance can either be used for some malicious purposes or capitalized on by fraudulent marketers to send you targeted ads.
How to identify fake android apps

The Google Play Store is undeniably very credible. However, that does not mean that every app uploaded there is legitimate. You still need to be very vigilant and lookout for fake apps. Although Google on its part is doing a pretty good job at identifying and removing fraudulent apps from the store, some may escape their surveillance and end up in your phone.

That is why it is important to understand yourself how to spot these apps and avoid them.

Here are a few ways to identify fake apps:

  1. Search for your target app on the play store and take some time to look at the results. If there are a lot of results with the same icon, it means you have to be careful.
  2. Check the app and developer’s name. Fake apps will usually use the same icon but a slightly different name to avert suspicion from Google. For example, in the case of WhatsApp, although the developer name was identical to the original one, the fake app was named “Update WhatsApp” instead of “WhatsApp Messenger”. That should have been a tip off. In the case of SwiftKey, the developer name was different but the app name was the same.
  3. Check the number of downloads and reviews. An original app will usually have more downloads that the fake one. For example, Facebook which is one of the most downloaded apps on the Play Store has more than one billion download counts. It would be very difficult for a fraudulent app to achieve that many downloads. More reviews also mean the app may be the real one.
  4. Read user reviews. Sometimes checking what other users are saying about the app can help. If it is a fake one, there is a chance some users have already noticed and alerted others in the reviews section.
  5. Take a look at the descriptions and screenshots. The wrong description can easily give a fake app away. Mostly fake apps use robotic descriptions. Other times, the descriptions are written using highly broken English. Legitimate developers will often hire professional copy writers to draft descriptions that are clear and users can identify with.
  6. Functionality. If you went ahead and downloaded a fake android app without realizing, there will probably be something off about the way it works. For example, WhatsApp does not display ads. So if you happen to see a bunch of ads on yours, that is a fake. Uninstall it as quickly as possible. After that, clean your phone to ensure that the app does no leave any malware behind.
How to Protect Yourself

Google is making it hard for fake apps to exist on the Play Store. Scammers are therefore using other app platforms to get users to download their illegitimate apps.
They may usually send you text or email messages requesting that you download their apps. You should avoid such messages and instead go directly to the Google Play Store to check if the app exists. If it is there, use the above tips to determine whether it is legitimate before downloading it.
Alternatively, you can call the company the message claims to be coming from to verify its legitimacy.
But more importantly, you should only download android apps from the Google Play Store. You are safer this way. Any other platform could harbor malicious apps which may end up breaching your security and doing away with vital personal information.

Share this post

Share on facebook
Share on twitter
Share on pinterest
Share on linkedin
Share on reddit
Share on whatsapp
Share on email