We often rely on official app sources like Google Play for Android and the Apple App Store for iPhones to protect us from malicious and fake apps. Official app stores have vetting systems in place that prevent unscrupulous developers from tricking unsuspecting users into installing shady apps.
Although app screening cuts down on the chances a malicious app makes it in, sometimes a sneaky developer finds a way to trick these systems into accepting a questionable app.
In the fake WhatsApp app's case, the sneaky developers tweaked their developer ID to resemble the real developer's name, in WhatsApp's case, "WhatsApp Inc.," by adding an almost invisible Unicode character space after their ID. Well, the ruse was so effective, the fake app was downloaded over a million times from the Google Play Store!
But it's not just Android users who are at risk, fake apps can also infiltrate Apple's App Store. For instance, fake department store apps from Dillard's and Nordstrom, and retail chains like Foot Locker and Dollar Tree were discovered last year.
Like malicious apps from third-party sources, fake apps from official app stores can do all sorts of shady stuff in the background. From nasty ad-clicking malware to ransomware to stealing your financial details, you can count on the bad guys to devise new ways of generating profit at your expense.
How to spot fake apps
Although fake apps that look legitimate can sneak into the official app stores, there are typical warning signs to watch out for before you download and install.
Check for typos - Before you click "get" or "install" on that app, better double check the title and developer name for typos, as small as they can be. Remember the sneaky developers of the fake WhatsApp app tweaked their developer ID ever so slightly to resemble the real developer's name.
Check for bad grammar - Another blatant red flag is bad grammar. Why? A good number of these fake apps appear to come from non-English speaking Asian or Russian developers. Broken English in the app's description is a typical indicator that it's fake.
Check the numbers - Always check the download stats. If an app of a popular service like Facebook or WhatsApp has an unusually low download figure, then it's most likely a fake app.
Check reviews - To some extent, you can read the user reviews on an app too. Although fake reviews (both positive and negative) can skew the rating of an app, user comments can still provide vital information about it.
Superfluous permissions - Before you install an app, ANY app, please check all the permissions it's asking for first. Fake apps will bombard you with a long list of permission requests so they can trick you into granting them more than what's required. For example, if a simple camera app or a GIF creator starts asking for administrator permissions, delete it immediately!
Verify apps with Google Play Protect - Google Play Protect is security program that was rolled out to Android gadgets last year. it scans and verifies any app that is available in the Google Play Store. It will then continue scanning installed apps for any changes in behavior and warn you about any security dangers they might pose.
Even better, Google Play Protect will not only safeguard you from malicious Google Play apps but it will also monitor and scan apps downloaded from third-party sources. Click here to learn more about Google Play Protect.
How to delete fake apps in Android
To review and remove questionable apps on Android, go to Settings >> then Apps or Application Manager. Look through the list and keep an eye out for anything that's odd or unfamiliar.
Tap the questionable app you want to get rid of and this will open up the App Info screen. First, remove the app's data cache by hitting "Clear Cache." Next, delete the app's data by tapping "Clear Data."
Once these steps are done, click on the "Uninstall" button to remove the app.
Sometimes, sneaky app developers hide their fake apps by making their title and icons invisible. If that's the case, look for blank spaces in your Application Manager and uninstall them as usual.
For stubborn apps that have hijacked your gadget's administrator permissions, try removing them in Safe Mode. Unfortunately, if that doesn't work, your only other option is to wipe your data, factory reset your device, and start over.
This is why it is so critical to have a reliable backup service. All it would take is one nasty fake app or mobile malware and you could lose it all. To back up all your gadgets, including Android, iOS, Mac and PC devices under one account, we recommend our sponsor IDrive. Check out IDrive today and save 50% thanks to Kim!
How bad guys put malware inside your smartphone
Aside from fake apps, cybercriminals have tons of other tricks to fool you into downloading mobile malware. Don't be their next victim. Read this article.