The dangers behind fake applications – and how to spot them
According to a report on online criminal activity in Brazil, the number of fake applications rose 225.1% in the second quarter of 2021. These apps are actually online scams created by criminals. Here’s more on the main risks and, most importantly, how to spot and avoid them.
What are fake apps?
Fake applications are malicious programs disguised as recognized apps, like those for social networks or even for the government. Criminals create them to trick internet users and break into their devices.
What are the risks of downloading fake apps?
There is a wide array of risks. Criminals may use access to your cell phone to capture usernames and passwords and then access contacts, SMS, photos, the microphone and camera. The degree of risk depends on the criminal’s intention and also the scope of permission granted when installing the app.
Practically all apps, whether fake or real, display an initial screen asking if they can access your contacts, camera and microphone, among others. So, in many cases, we’re responsible for providing extensive access. But don’t worry, we’ll get back to that in the topics ahead.
How to spot and avoid fake apps
Criminals that create fake apps usually copy just about all of the original: name, logo, and visual identity, among other elements. As such, to spot them, you need to pay careful attention to the details.
-
Go straight to the source: only download applications that are directly published by developers in official stores. If in doubt, visit the original supplier website and look for a button to download the application. Avoid installing apps from unofficial stores.
-
User reviews: if an app has several positive reviews, it’s a lot more likely to be authentic. Check the app’s ratings and what people are saying about it before downloading. Avoid installing applications with a low number of reviews or lots of negative ratings.
-
Permission granted: when downloading an app, always carefully check what access is being requested. For example, an official social security app doesn’t need access to your photos and contacts. If an app requests permission that is not compatible with the service it offers, deny access and keep a lookout, as it could be malware in disguise.
-
Avoid unnecessary apps: Avoid installing unnecessary apps, like those for cleaning your phone memory or to help save battery life. These functionalities are often already included in the factory settings of your device. Many of these applications may not be dependable and may even be malicious. Think twice before installing them. This way, you free up a little more space in your memory, while also reducing the risk of downloading a fake app! Lastly, keep in mind that many online stores – or other websites – feature a user experience very similar to that of an application. If you can access websites through a browser and have a secure connection guaranteed by the HTTPS protocol, is it really worth downloading the app?
Lastly, how can I tell if one of my apps is fake?
The usability and visual identity of fake apps usually give them away. If while using the app, you notice the colors are different from what you’d expect or that the functionalities don’t seem to be working, it’s best to uninstall it.
Afterwards, find the official page for the application and check for a download button. If necessary, contact the official app store to clarify any doubts about downloading the right app.
Finally, installing a decent antivirus on your device can save you a lot of trouble, as it may halt a malicious app that’s attempting to wreak havoc. But beware! There are also loads of fake apps disguised as antiviruses out there.
Article originally written in Portuguese by Perallis Security Content Team: Os perigos dos aplicativos falsos — e como reconhecê-los — Perallis Security