How to avoid and spot fake and malicious mobile phone apps

The mobile app market is one of the fastest-growing industries that is also changing people’s lives as the world becomes more digital.

Mobile apps have become a powerful force for almost everything from business, to health, gaming education and entertainment among many other uses.

While mobile apps are very useful, some may be malicious, something that is not new.

William Petherbridge, manager of Systems Engineering at Fortinet said Cybercriminals are unleashing a fresh wave of malicious apps designed to steal your most sensitive information—and they’re getting smarter by the day

“The landscape of mobile security is changing rapidly. Fake apps and malicious updates are now among the most serious threats facing smartphone users.”

Malicious apps

Last year, Google was forced to crack down on rogue apps posing as legitimate apps in its Play Store, with fake apps often masquerading as trusted brands like Instagram, Snapchat, WhatsApp, and X.

Even more insidious are malicious “updates” that can turn your phone into a spy in your pocket.

One such threat is the “Antidot” Android Banking Trojan. This malware disguises itself as a legitimate Google Play update but can secretly log your keystrokes, potentially stealing passwords, credit card numbers, and other sensitive data.

Petherbridge cautions that if malware infects your phone, you have to assume that all data on the device is compromised. This includes your banking apps and even virtual card information.

ALSO READ: Are your favourite apps eating your data? Here’s what you need to do

How to spot and avoid fake apps

• Stick to official sources: Always download apps from the Google Play Store or in the case of Apple from the App Store. Third-party app stores are far more likely to host malicious software.

• Check the developer: Look at the app’s developer information. Reputable companies will have a consistent naming convention and website link.

• Read reviews carefully: Be wary of apps with few reviews or many that sound suspiciously similar. Fake reviews are a common tactic used by scammers.

• Examine permissions: Does a simple game really need access to your contacts or camera? Be sceptical of apps requesting excessive permissions.

• Watch for red flags: Poor grammar in descriptions, low-quality graphics, or promised features that seem too good to be true are all warning signs.

Petherbridge said vigilance is key as cybercriminals are constantly evolving their tactics.

Users need to stay informed and cautious.”

Reduce the risk

• Install operating system updates promptly
• Use a reputable mobile anti-virus solution

• Consider encrypted cloud backups for your data

• Be wary of phishing attempts via email, text, or phone calls

• Avoid using public Wi-Fi without a VPN

Jailbreaking

Also, avoid “rooting” your device. Rooting (sometimes called “jailbreaking” for iPhones) gives you administrative access to your device’s operating system. While this allows for greater customisation, it also bypasses many built-in security features, potentially exposing your device to increased risks.

Stay informed, stay cautious

As our reliance on smartphones continues to grow, so too does the importance of mobile security. The battle against malicious apps is ongoing, with cybercriminals constantly devising new ways to exploit our devices.

Petherbridge said people should stay informed and stay cautious.

“Remember that your best defence is your own awareness. Treat your smartphone security with the same seriousness you would your home or personal computer. In the digital age, your mobile device is often the key to your entire online life – safeguard it accordingly,” Petherbridge said.

ALSO READ: Slow and glitchy smartphone? Try these quick fixes