Fake Android Apps : Effect on Cybersecurity and How to Spot and Avoid Them

Home Forums Cyber Security Fake Android Apps : Effect on Cybersecurity and How to Spot and Avoid Them

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
  • #2531

    The myriad of benefits mobile applications bring to our lives is undeniable. As we look to make communication and other aspects of our lives seamless, we have inevitably turned to mobile applications. The list of things that cannot be achieved using a mobile app is shrinking by the day. Now, there are more mobile applications than there are mobile devices.

    However, like any other popular digital trend, the mobile apps wave has brought its own hues especially in terms of cyber security. The ever opportunistic cyber criminals are now taking advantage of the popularity mobile apps have amassed to accomplish their own selfish deeds. How do they do that? By creating fake Android apps.

    What are fake Android apps?
    These are basically copycat Android apps that are designed to look exactly like an original in order to trick users into downloading and using them. Scammer usually target popular mobile applications in the play store. They then create similar apps and upload them which tricks users into thinking they are the original apps.
    Mobile applications such as WhatsApp, VLC and SwiftKey keyboard have been affected by this vice. For example in 2017, someone created and uploaded to the Google Play Store a fake version of WhatsApp. The app ended up being downloaded by more than one million unsuspecting users. Likewise, a fake version of VLC was downloaded more than 5 million users before anyone realized it was a fake.

    When you look at the two scenarios above, you will realize that there are two distinct ways in which fake mobile applications can be created. For the case of WhatsApp, the fake app had a striking resemblance to the original one. Everything from the logo to the developer’s name were the same. That is why it was so hard to distinguish it from the real one.

    For the case of VLC, the fake developer did not create an identical app but illegally used VLC’s open source code to create his own media player with a different name. He then loaded it with ads and ended up making a lot of money off the app. That is basically like using the work of a legitimate developer to benefit yourself.

    How do fake apps affect cybersecurity?

    If you are lucky enough, the fake app might merely bombard you with unnecessary ads in order to make money. This usually happens even when the original app do not ran any apps, like in the case of WhatsApp.
    In a worst case scenario, the fake app will install malware on your device and use it to steal your personnel data. In other cases, the apps may be used to track your every move for some fishy surveillance purposes. There are even cases where fake apps secretly take snapshots of what you do. This kind of surveillance can either be used for some malicious purposes or capitalized on by fraudulent marketers to send you targeted ads.
    How to identify fake android apps

    The Google Play Store is undeniably very credible. However, that does not mean that every app uploaded there is legitimate. You still need to be very vigilant and lookout for fake apps. Although Google on its part is doing a pretty good job at identifying and removing fraudulent apps from the store, some may escape their surveillance and end up in your phone.

    That is why it is important to understand yourself how to spot these apps and avoid them.
    Here are a few ways to identify fake apps:
    1. Search for your target app on the play store and take some time to look at the results. If there are a lot of results with the same icon, it means you have to be careful.
    2. Check the app and developer’s name. Fake apps will usually use the same icon but a slightly different name to avert suspicion from Google. For example, in the case of WhatsApp, although the developer name was identical to the original one, the fake app was named “Update WhatsApp” instead of “WhatsApp Messenger”. That should have been a tip off. In the case of SwiftKey, the developer name was different but the app name was the same.
    3. Check the number of downloads and reviews. An original app will usually have more downloads that the fake one. For example, Facebook which is one of the most downloaded apps on the Play Store has more than one billion download counts. It would be very difficult for a fraudulent app to achieve that many downloads. More reviews also mean the app may be the real one.
    4. Read user reviews. Sometimes checking what other users are saying about the app can help. If it is a fake one, there is a chance some users have already noticed and alerted others in the reviews section.
    5. Take a look at the descriptions and screenshots. The wrong description can easily give a fake app away. Mostly fake apps use robotic descriptions. Other times, the descriptions are written using highly broken English. Legitimate developers will often hire professional copy writers to draft descriptions that are clear and users can identify with.
    6. Functionality. If you went ahead and downloaded a fake android app without realizing, there will probably be something off about the way it works. For example, WhatsApp does not display ads. So if you happen to see a bunch of ads on yours, that is a fake. Uninstall it as quickly as possible. After that, clean your phone to ensure that the app does no leave any malware behind.

    How to Protect Yourself
    Google is making it hard for fake apps to exist on the Play Store. Scammers are therefore using other app platforms to get users to download their illegitimate apps.
    They may usually send you text or email messages requesting that you download their apps. You should avoid such messages and instead go directly to the Google Play Store to check if the app exists. If it is there, use the above tips to determine whether it is legitimate before downloading it.
    Alternatively, you can call the company the message claims to be coming from to verify its legitimacy.
    But more importantly, you should only download android apps from the Google Play Store. You are safer this way. Any other platform could harbor malicious apps which may end up breaching your security and doing away with vital personal information.


    Very interesting article

    It tells a lot about fake android apps and how scammers basically use these tools to make money or at-least steal information from others. Also, it’s been very effectively described in different ways how users can prevent themselves from falling into these traps.

    Different companies and tech giants can also ensure that their apps on play store aren’t getting into wrong hands and if they are, a proper framework should be defined to report these cases to the Google and remove them. This can be another way towards data security of the billions of the app users.


    That is very true Asad. It would seem that people are now taking advantage of the popularity mobile applications have gained to accomplish their own selfish deeds. We must therefore be very careful when it comes to which Android Apps to download.
    The problem is, a lot of people download apps blindly and they end falling prey to scammers. For instance, studies show that most people will usually download the first app that comes up in the search results. Considering the upsurge in fake mobile applications, this can be very dangerous since the probability of downloading a fake one is high.

    The tips I have outlined above will go a long way to ensuring you do not fall prey to app scammers. Taking a little precaution pays, especially when compared to the repercussions a fake app can bring.


    Very useful and interesting information for smart phone users.

    A lot of people don’t care about their security and download any kind of application from unknown sources as well. One of the most common reasons is a country restriction which doesn’t allow to download applications from a genuine source. People don’t understand how much information they are giving out and how vulnerable they are while
    downloading infected applications or fake ones. Which is not acceptable for security reasons.


    It is scary to think of the prospect of being caught in such a scam, and I salute the author for bringing this topic to light. For me, the mark of a great article is when I become aware of a fact that I would have otherwise remained entirely oblivious to, as is the case here. I would have never heard of this had I not stumbled across this page. Being ill-informed is surely dangerous.


    Jesus they’re even making fake apps now. I can’t imagine there’s anything that’s left online that hasn’t been affected by cyber crime or used to commit some type of crime or compromise people’s information. Moving forward, I’m going to be far more astute in such matters, and will no longer view it passingly.


    I have downloaded some apps that seemed to be fake or dodgy, and exhibited some of the characteristic in this article. When I told my friends, everyone brushed it off. However, now I know that my instincts were right, and I am grateful to the contributors of this form for shedding light on such important information, information that is so rare today.


    I was sure this would come to pass, as there are so many apps flooding the market today, that it was surely going to come to the point where cyber criminals would try to take advantage of it. And here they are. Great article.

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.