How to Spot a Fake App

How to Spot a Fake App

watch-out-for-fake-android-apps

We all need to be careful as the next app we download could be a dangerous Trojan. Below I will explain how to spot fake or malicious apps for your phone or tablet.

Android malware is on the rise. Kasperkys (in partnership with Interpol) latest Mobile Cyber Threats Survey found there were six times the amount of malicious apps in July 2014 than in August 2013.

You can see the attraction of targeting Android devices from a hacker’s point of view. Your Android devices contains things like your personal details, logins and passwords, private notes, messages and of cause your photos, it could even be linked to your bank account or credit card too.

Hackers simply have to create a Trojan and disguise it as something you might want and they can then get their hands on all that valuable data. Facebook fakes, video apps and too-good-to-be-true antivirus apps are circulating in there thousands right now, just waiting for you to download and install them.

Hackers, like all conmen, give themselves away by making simple mistakes.

Its ‘Facebook’ but not as you know it

Genuine social apps never ask for 'device administrator' permissions

Genuine social apps never ask for ‘device administrator’ permissions

Mobile malware makers love Facebook. According to Cheetah Mobile the makers of Clean Master, no fewer than 15,000 fake social networking and messaging Android apps have appeared between January and August 2014, More than half of these were dodgy Facebook clones. Thousands more are pretending to be WhatsApp, Twitter and Instagram.

Hackers use the apps to steal your username and password, which they assume you are probably going to use the same details on other accounts to.

Malicious clones often have really poor spelling and badly reproduced branding, but you might not always notice this until its to late and you have downloaded the app and entered your password and username. By that time its to late as the app has done its job.

There are a few ways to check and see if a big-name app is the real thing before downloading it. First, see how many people have downloaded if from the Google Play Store. At the time of writing this the real Facebook app for Android has been downloaded almost 23 million times. If you are looking at a ‘Facebook’ app that has only been downloaded 200 times or only has a few “user” reviews its not the real deal.

You need to be wary of believing everything you read in the Play Store reviews. It’s very easy for app developers to buy fake reviews and ratings from feed back touts like App Reviews Mart, and get 5 star reviews from BestReviewApp. If in doubt its always best to click on the reviews name and see what else they have reviewed. If all there reviews are worded exactly the same or sound suspiciously generic (“Great App, Just what I needed”), take them with a large pinch of salt. You can report apps, reviews or comments that you think are suspicious to Google.

Lots of generic, short reviews may be a sign of a fake app

Lots of generic, short reviews may be a sign of a fake app

It’s not in the Google Play Store

If you are not sure that the brilliantly reviewed, but badly spelled app is legitimate, bookmark the Play Store page and then come back to it a few days latter. Fake apps don’t last long in the Play Store. Those that are not blocked instantly by Google’s app-scanning tool, Bouncer are usually removed within a few days according to F-Secure latest Mobile Threat Report.

Google can’t police the entire Internet; so bogus apps always find other ways to get distributed, like Facebook comments, emails, online adverts or an independent Android app website like AppBrain. All the fake apps identified by Cheetah, were downloaded from outside they Play Store.

Never download apps via adverts or links in Facebook Comments

Never download apps via adverts or links in Facebook Comments

Independent Android sites are not always dangerous, but please bare in mind they don’t scan the apps as thoroughly as Google. Earlier this year security firm Opswat found a third of all Android apps outside the Plat Store were infected with malware.

Similarly, if you are using an iPad you should only download apps from the App Store and iTunes (not that you get much choice). The tightly controlled nature of iOS tends to prohibit third party app markets and this helps keep hackers at bay, which I think is a good thing.

It’s too Good to be True

Hackers know that we can all be slaves to our desires, so if they promise to give you exactly what you want, you are less likely to trust your better instincts.

In June of last year, Ransomeware on Android arrived in the shape of Simlocker Trojan; it was packaged as a porn-video app. Not long after that, hacker’s striked again this time exploiting political fervor by spreading spyware among Hong Kong protesters, who thought they were downloading a pro-democracy app.

The Angry Birds Transformers app contained a "vandal' Trojan that destroyed data

The Angry Birds Transformers app contained a “vandal’ Trojan that destroyed data

You also need to be on the lookout for apparent collaborations, because in September last year, there was a new Angry Birds app called Angry Birds Transformers in the Google Play Store, which turned out to contain the Elite Trojan. Security researchers at Dr Web discovered the Trojan in October Last year and they categorized the Trojan as a “Vandal Program” as it destroys the victim’s data. When you launched the app for the 1st time it would ask for ‘device administrator’ permissions (These are normally only needed by apps that let you lock or wipe your phone remotely) and then immediately format your SD card if you have one installed, and block all of your messaging apps.

If an app ever says it can remove all of the manufactured pre-installed software with out you having to root you device or reveal who is looking at your Facebook profile, its lying!!

 

You Have Never Heard of it

New apps from companies you have never heard of that promise the earth are very unlikely to be what they seam. According to Kaspersky, fake antivirus apps are a big problem.

April Last Year, an antivirus app, called Virus Shield by the developer Deviant Solutions managed to sneak through Google’s app scanner and it was downloaded 30,000 times, and cost £2.38 the app its self was not malicious but it was totally useless (expect to its developer who became quite rich from it). When the scam was found Google was forced to refund all of the 30,000 customers who had purchased it.

Don’t be tempted by ‘novel’ antivirus apps. Most of the big antivirus companies out there make safe reliable tools to help protect your devices from malware and fake apps; they are also regularly updated to help keep your devices safe from the latest treats.

So be aware of the apps you are downloading are what they say they are. Stay safe and keep alert for the scammers, all they want is your money and to cause as much trouble as they can!!!!

Share Button

Cancer E-mail Scam

Cancer E-mail Scam

Cancer E-Mail Scam

Cancer E-Mail Scam

A shocking new e-mail scam has targeted thousands of computers in the UK, This horrifying hoax email poses as the National Institute for Health and Care Excellence (NICE), and the subject line would be ‘Important blood analysis results’. The e-mail would then go on to say a recent CBC (complete blood count) test has revealed the recipient had a very low white blood cell count, which is often the early sign of cancer. The National Institute for Health and Care Excellence call centre was flooded with panicked callers of this hoax. The chief executive for the National Institute for Health and Care Excellence Sir Andrew Dillion said: “This malicious email is not from the National Institute for Health and Care Excellence and we are currently investigating its origin. We take this matter very seriously and have reported it to the police”. The hoax email try’s to trick you into opening an attached zip file so you can view the test results. Doing this will install a Trojan on you PC. In reality, the NHS would never send this type of news by email. People should be particularly wary of attachments in suspicious emails, which often contain malware just waiting to infect your machine.

Share Button