Skip to Content
© Tsingha25 |
Security & privacy

Don’t download one of these scammy apps pretending to be an authenticator

A slew of phony authenticator apps is currently making waves, inspired by Twitter’s recent decision to make account two-factor authentication (2FA) a premium-only feature. Unsuspecting users are reporting problems. But not with the platform itself.

Authenticator apps take 2FA to the next level in terms of security. Here’s how these security tools work.

After users reported several nearly-identical authenticator apps with misleading descriptions, app stores are urged to take action. Read on for the sketchy details.

Why you should never trust an unverified 2FA app

Apple’s App Store is receiving criticism for holes in its App Review process. At least a dozen fake authenticator apps have been spotted, tricking users into unauthorized purchases and data fraud.

These apps are modified versions of the same generic shell, as a few iOS developers pointed out on Twitter. Many feature ads that you can’t click out of without accidentally “approving” payment to the developers. Some can even steal your 2FA altogether, putting your accounts at risk while you use it.

One big thing these fraudulent apps have in common? They claim to be free, but you cannot utilize the services advertised without opting into deceptive in-app purchases or subscriptions.

The family of apps and their presence in the App Store ad space is raising eyebrows. These apps should be vetted thoroughly before being allowed to advertise to users directly.

The bottom line: There are so many better ways to secure your data. Never download apps you can’t find important information about online, including the publisher and developer and the app itself should never appear out of nowhere. Checking app reviews before downloading is critical to staying protected.

RELATED: Security warning: How to spot fake ChatGPT apps hiding malware

Why the right 2FA is worth the wait

Two-factor authentication (2FA) might be the only thing between your data and hackers (such as the threat actors described above). Microsoft Authenticator and Google’s 2-step verification program are industry-standard options that we use.

Attention, small business owners: Check out our guide to protecting your corporate accounts without putting yourself or your organization at risk. Around 38% of large organizations don’t use 2FA — if yours is one of them, it’s time for a change.

Keep reading

The high-tech way to protect your logins that’s better than 2FA

iOS 16.3.1 fixes major vulnerabilities but may cause a problem for this popular app

Stop robocalls once and for all

Robocalls are not only annoying, but they scam Americans out of millions every year. Learn Kim's tricks for stopping them for good in this handy guide.

Get the eBook