Ever since Alexander Graham Bell invented the first practical telephone, these devices have been subject to a colossal amount of development and nowadays they’re able to do much more than just phone calls. Smartphones are now true media centers where it is possible to read books, access the internet, watch movies, play games, and much more. Essentially, everything that simply wouldn’t be possible without the apps we take for granted today and that fill our screen from top to bottom.
But we also live in a deceitful society where a small percentage of the world can take advantage of our reliance on the internet, with a significant portion of these nasty schemes targeting mobile users. These gadgets are continuously flooded with fake apps that fool the unaware users into blindly accepting all the permissions required for the app, essentially giving attackers exactly want they want: full control of the device to spy, steal, or scam for their own benefit.
The Importance of Vigilance in Distinguishing Apps
One of the best ways to avoid falling prey to wrongdoers’ forged apps is to stay up to date with the most relevant news on privacy and online security, something that we put a great deal of importance on here at Best Reviews. Learning about the increasing amount of ingenious ways that attackers are using to fool the public is a great way to smell them at a distance and ensuring a safe online life. Self-conscience is, after all, your best friend, so don’t be afraid to doubt everything until proven otherwise. In this case, knowing what to look for in a certain app may be the difference between installing a harmless app or a toxic one.
For instance, you should never disable the option to install apps from unknown sources on Android devices – something that the device itself will actually warn you against. This is quite a risk, honestly, because while there are many honest and useful APK apps available out there, unless they’re absolutely proven to be trustworthy, it’s always best to play it safe and avoid them. This is called sideloading and it’s more important than it seems as it essentially means you’ll be installing apps that aren’t officially available through Google or Apple and their respective app stores, and therefore aren’t subject to their security standards.
The same principle applies when visiting alternative marketplaces to Google Play Store and Apple’s App Store. As with the previous example, there’s good and bad here too: some decent apps in there won’t bring any harm to your device, but many others – especially those coming from Chinese marketplaces – can be dangerous.
Even if you stick to the official apps from the on-device markets, however, there’s still something to pay attention to before installing: permission requests.
Permissions That Can Be a Menace to Privacy
Before blindly installing anything, it’s strongly advisable to take some time to review the permissions requested by the creator of the app. In truth, this is where even the less tech-savvy can spot a forged app by simply asking ‘why?’. If you’re downloading the latest augmented reality game, it’s understandable that it’ll require access to your device’s camera, GPS location and the like, but if it’s just the simplest of apps, then why does it want so many permissions? Why would a calculator app need to access your camera, text messages, or phonebook records, for instance? Or why should a game need to change your system’s settings? If it doesn’t add up, then it’s likely to be a scam.
These are only some of the most common permissions that attackers usually have their fake apps ask of people. Depending on how many and how serious they are, with these accepted attackers can take full control of the device and, among other things, read your text messages, access your email, or make phone calls to whatever numbers they want. This often takes place without the user even knowing about it and from here it’s just a small step up to full-on credit card fraud and identity theft. Other drastic outcomes can result from Trojans or other malware being directly installed on the device, which cyber criminals are able to do if they have permission to modify the system’s configuration and give them the opportunity to corrupt the system in no time.
The Rise of Fake Apps
In 2017, Google Play was cleaned of more than 700,000 different apps and it didn’t take long for Apple to follow its main rival’s steps. The protective measure was more than necessary given that, at the time, 85% of the apps on Google Play were unsafe, while around 18 million downloads accounted for various dangerous apps on iOS. But what is it that makes these apps a success?
Mostly, it’s the attackers’ ability to make them pass as genuine apps. A fake app that mimics or is somehow related to the popular authentic counterparts is much more likely to be downloaded in greater numbers. This is why many of these phony apps carrying spyware and other toxic content are often related to social networks such as Facebook, messaging apps like WhatsApp and Skype, or even games like Fortnite.
Mobile games, actually, bring another important argument into the topic. Since they’re made for children and teens – who likely don’t have the appropriate insight into the matter – it’s much easier for a forged app that’s even loosely related to these games willingly installed onto a device. Cyber criminals rely on youngsters’ innocence to ignore the suspicious permissions and often use the exact same screenshots as the official apps, making it even harder to differentiate. Also, since kids are often playing games on an adult’s device, there can be a lot of important data for fake apps to collect.
Can a VPN Help Against Fake Apps?
VPNs are great privacy tools with impressive functions that keep ISPs and eavesdroppers away from your data thanks to their military-grade encryption and useful security features. However, these tools are not antiviruses and won’t do much if you happen to install a hazardous app full of malware.
They are very popular nowadays, though, and as such there is a similar problem to fake apps. Many of them are created by trustworthy and reliable companies, but others are fakes designed to steal your data. The best example of this can be seen with free VPNs, which cannot be stressed enough how these are not what they first seem.
Nothing is truly free nowadays and if you’re not paying with your money, then you’ll be paying with the gathering and selling of your data, that is unless they’re reliable VPN companies like the ones we have thoroughly tested here on Best Reviews.
Best VPN Services of 2019