Fake apps flooding app stores pose significant risks to users

• One of the reasons for the proliferation of fake apps is the accessibility of ChatGPT as it makes it easy to build a mobile app even for those with minimal coding knowledge. 
• Fake apps’ names can differ by only one to two letters from the legitimate versions and users must verify spelling accuracy.
• Keeping applications up to date and ensuring that installations and updates are always done through official stores is vital.
• To verify an application’s authenticity, you may visit the developer’s official website. Download the app directly from the store link provided.

In the first three quarters of 2023, there was a 32 per cent increase in fake applications impersonating popular services. 

Banking and cryptocurrency applications are the most common targets. And many gaming applications are exploited to install malicious code on gadgets.

With more people turning to digital content, the mobile application market is becoming a new target for cybercriminals. More often than that, their goal is to steal users’ credentials or payment data and spread malware.

My advice to users is to check several critical parameters when installing the app to protect themselves:

• The developer’s name. Is it someone you can trust?
• The number of downloads, the more the better
• Reviews. Do they look credible?
• The application’s update history. Keep in mind that on average, a fake app can remain in the store for 64 days.

Developers

One of the reasons for the proliferation of fake apps is the accessibility of ChatGPT. This tool makes it easy to build a mobile app even for those with minimal coding knowledge. 

Revolutionising the tech world, ChatGPT now makes mobile app development accessible to all. 

This unparalleled breakthrough empowers even complete beginners to craft their applications guided by intuitive coding and real-time error debugging.

This highlights a trend of rapid and relatively effortless development of counterfeit applications. As we find ourselves amid this new era, there is a surge in the number of malicious applications in app stores. 

Nowadays, even an untrained teenage hacker could create a fake app in a few days. Dark Web malware templates and artificial intelligence services are available to generate convincingly authentic replicas of existing apps. And the rest is simple – just post them across users’ favourite platforms.

The main goal of a fake app is to mimic the appearance and functionality of the original, enticing users to download it. Fake apps’ names can differ by only one to two letters from the legitimate versions. This means that users must verify spelling accuracy.

Downloads

Top apps usually have a large download number. A recently published app with an unusually high download count could be a red flag.

Reviews

Examining the tone of user reviews can also provide valuable insights. Negative reviews may highlight potential issues, while plenty of positive reviews might hide manipulation, as cybercriminals know how ratings and reviews impact user choices.

By entering a login and password into a fake app, users are granted access to all personal information stored on their devices. 

Thus, it is crucial to meticulously review all requested permissions before granting access. Cyber hygiene practices, such as two-factor authentication, create an extra layer of data protection.

Keeping applications up to date and ensuring that installations and updates are always done through official stores is vital. Antivirus software provides additional protection, helping detect and eliminate viruses in real time.

To verify an application’s authenticity, you may visit the developer’s official website. Download the app directly from the store link provided.

For extra control, use app security control tools such as DerScanner. Checking an application’s safety with DerScanner is as easy as copying and pasting an application URL from the app stores. 

The scanner doesn’t need any source codes for a check. The application will be extracted from an app store providing a security rating as well as the full vulnerability report.

• Dan Chernov is the CEO of DerScanner, a comprehensive application security solution that combines static (SAST), dynamic (DAST) and software composition (SCA) analysis methods in a single interface.