Fake apps appear in the Play Store to trick users into downloading them after which they are pelted with a lot of ads or even malware.
How These Fake Apps Trick Users
The fake version of WhatsApp which has been shown by argument to be the most successful of fake apps yet was a bit indistinguishable from the real app especially because it was visually identical and had the same developer name. The difference could only be technically spotted.
Left: The legitimate WhatsApp Inc. listing; Right: The fake listing.
The VLC ripoff is quite different in the sense that it uses VLC’s open source code and Media Player Classic’s icon.
These apps are being used to make money off of users and that is why this is a concern.
How Google Is Combating This Issue
Google is beginning to address this issue with Google Play Protect – a security system used to verify apps in the Play Store. Upon entry into Google Play, it scans apps and Google says that it removed over 700,000 mischievous apps last year. Play Protect was only announced a year ago, so it’s still a relatively new system.
How to Spot (and Avoid) These Fake Apps
- Take a Close Look at the Search Results. If you search the Play Store for the app you want to install, take a few seconds to glance at all the entries especially if you see the same icon more than once.
Fake apps will almost always use the icon from the app they’re trying to mimic, so it should immediately arouse suspicion if you see the same icon more than once (if the second one isn’t a pro version of the app, of course). This is the first way fake apps trick people into installing them.
- Check the App Name and Developer. Take a close look at the app name and the developer.
In the case of the fake WhatsApp, the developer name was visually identical, but the name of the app should’ve served as a warning. There’s no single time a legitimate app added the word “Update” to its name.
The fake SwiftKey app that landed was called SwiftKeyboard but the developer name was Designer Superman which arouses suspicions.
If the developer name isn’t an immediate indicator, you should also check their other apps. You can do this on the web by clicking on the developer name on the Play Store listing; on your phone, just scroll down close to the bottom of the app listing to see more apps from that developer.
If something doesn’t look right here, it probably isn’t.
- Check the Download Count. If you’re downloading a popular app, check the download number to see if the app has been frequently downloaded by say a billion users (like Facebook), if not then you are probably looking at a wrong list.
There’s no chance a fake app will last in the Store long enough to get so many downloads, so it’s an easy way to spot a fraud, assuming you’re looking at a popular app. But if the app is not so popular then this step may not help.
- Read the Description and Look at the Screenshots. If everything else looks close enough, the description can often be the thing that reveals if it’s fake. If the wording seems off (think bot-like) or is written in broken English, that should serve as warning.
Most legitimate developers provide clear communication as to what their apps do. Most use good, clean formatting in the listing. So, if something feels strange here, it probably is.
The same applies to the images. Now, there’s a chance these could be stolen from the legitimate Play Store listing (just like the icon), but you should take a closer look anyway. Take the SwiftKey for example;
“Typing like flying Swift?,” something is definitely wrong.
- Finally, Read the Reviews. After you’ve looked at all the details, spend some time reading a few of the reviews.
Fake apps often have fake reviews, but there are also likely to be some legitimate reviews from users who realized the app was bogus after installing it. Look for the negative reviews and see the issues there. If it’s fake, hopefully someone has called it out in the reviews.
What to Do if You Spot a Fake App
If you happen to spot a fake app, there are things you should do (aside from, you know, not installing it). The first is to report it—let Google know it’s a fake!
If you encounter a fake app, report it (let Google know it’s fake.)
To do this,
- Scroll to the bottom of the page (regardless of whether you’re on the web or mobile) and click or tap on “Flag as Inappropriate.”
On the web, this will take you to a Google Play help page where you’ll need to also click on the “report inappropriate developer reply form” link, and fill out the form accordingly.
However, on a phone, it’s a lot easier. After you click on Flag as Inappropriate, choose the reason why you’re reporting the app – for fake apps, use the “Copycat or Impersonation” option.
- Tap submit, and it’ll get shipped off to Google, which will (hopefully) review it.
The best thing you can do is raise awareness, only then will more people report the app for fraudulent activity. In turn, Google should react more quickly. The developers of the legitimate apps often lend their opinions in such cases as well.
Anything can be faked if the mischievous developer is working really hard so if you see an app whose authenticity you’re not sure of, best don’t download it. Do some more research like going to the app’s homepage and click the button to get it on Google Play, that way you can get the ideal stuff.