The applications on a mobile device allow us to use that device in a number of ways, from productivity, to entertainment, to networking. However, despite the efforts of Google to keep out the riff raff, the Google Play Store has plenty of malware available to download in the guise of a desired app. Today, we’ll review a few tricks to help you spot them before pressing ‘Install.’
First, it may help to know how these fraudulent and malicious apps make it on the Play Store in the first place.
How These Apps Make it On the Play Store
It should go without saying that Google understands the importance of security, so it isn’t as though it is necessarily easy for malware to make it into the Play Store’s catalogue. However, in response to Google’s stringent standards, malware developers have gotten clever and devised a simple means of sneaking past the automated security. Instead of attempting to upload an app with malware already incorporated, these applications initially hold no real threats internally and, as a result, are able to pass by the Play Store’s security unhindered. However, once these apps are downloaded and installed on a user’s phone, they reach out to a third-party server and download the malware directly. Many malicious apps are added in this fashion, although many still sneak in full loaded and ready to go.
Spotting Fakes
While Google has made efforts to fight back against malicious and fraudulent apps with technologies like Google Play Protect, the thing that will keep you the most safe and secure is good, old-fashioned vigilance. When you decide to install an app in the future, refer to the following list to make sure that it is a legitimate, trustworthy addition to your device.
Name, Description, and More – The first signs that an app isn’t legitimate can be found in its name and description. Many malicious apps will mimic the name of the original application as closely as they can, skirting Google Play’s impersonation policy that would allow the original developers to complain and have the copycat pulled.
It is also important that you read the description. Many impersonated apps will feature broken English, or might seem to be written by a bot. The description is the best representation that a developer will have for their app, so a legitimate app will generally have carefully crafted and proofed copy. You should also double-check the images of the app that the developer provides to ensure that similar issues are not present there, either.
Checking the Reviews – One of the biggest benefits that the Google Play Store offers a user is the fact that these users can leave reviews. These reviews can often help indicate that an application is problematic. Granted, a fake app is often accompanied by fake reviews that sing its praises. However, looking at the negative reviews might provide some insight into whether or not the app is worth the download – and if the app is actually a disguised threat, someone else might have called it out to warn others.
Who Developed It? – Similar to seeking issues in the name and description, you should always check to ensure that an app was developed by exactly who it should have been. If the app is a well-known one, it should be pretty clear who it was that developed it, but some common sense may also be necessary. Would you expect the latest need-to-have business application to be developed by a reputable and recognizable company, or by someone who goes by “Super Developer2?”
To be especially certain, you can also check what else that “Super Developer2” has created by clicking on their name in the listing. Does the list of apps that they’ve developed make sense? This is another effective litmus test to base your decision upon.
Download Count – This factor will vary based on how common the particular app you’re trying to download is, but the most common apps have been downloaded billions of times. Therefore, if you’re looking to download a popular app, download counts in the hundreds, thousands, or even millions are low, and are likely fraudulent.