Apps. We all love them and our lives are effectively run by them, but research has revealed they’re increasingly growing deceitful with ulterior motives.
Already many app developers bombard users with unwanted popups and steal emails for targeted advertising. However, ESET senior research fellow Nick FitzGerald says it goes much further than that, which means users must fully verify any apps they install or download to avoid the potential ramifications of malicious apps.
"At the end of last year, fake fitness-tracking apps scammed multiple users into losing money via a payment mechanism which linked to users’ credit and debit cards connected to Apple accounts. This should signal to consumers that installing and downloading apps and features online should only be done with the utmost precaution,” says FitzGerald. "Downloading a fake app can open users’ devices and, consequently, networks, up to a range of dangerous implications, including data breaches and bank account depletion."
ESET has provided five steps that users can take to verify the validity of online apps and ultimately improve the app ecosystem.
#1. Be aware that reviews can be misleading
The first thing a lot of users do before downloading an app is to look at the reviews to allay any misgivings they might have.
However, ESET says while the reviews section can most often indicate the quality of an app, some reviews can be too old to rely on, or even be deliberately planted by scam app developers themselves.
When reading reviews, consumers should look to see the comments are recent and steer clear of apps with reviews using vague or nonsensical language or repeated content. ESET recommends keeping an eye out for comments belonging to profiles with similar usernames or simply profiles that appear fake.
A hot tip is to reorder the ranking options to gain a more balanced picture and look to the reviews that are deemed ‘most critical’ first.
#2. Be patient
I know, you want the app and you want it now, but ESET says it’s wise to exercise restraint when purchasing or downloading an app as soon as it’s released. Rather, it’s better to wait a few days for reviews to develop and then have a look through what other users are saying.
#3. Be aware of valid functionality
It’s vital for users to learn the extent to which their devices operate, as ESET says this will enable them better spot scams which require certain identification methods.
“For example, fitness tracking apps will never be able to use a user’s fingerprint scan to access a user’s calorie data or nutrition information, so an app requiring fingerprint scans for this purpose is likely bogus,” says ESET.
“Likewise, if an app requests information or permissions upon download that it simply doesn’t need to do its job, ESET advises users to steer clear. A flashlight app doesn’t require users’ email addresses or phone numbers to do its job, nor do most downloadable games.”
#4. Dig deeper
ESET asserts there are several ways users can find evidence that an app might not be trustworthy. Users can search app developers’ names and research any past apps they’ve uploaded to find historical reviews or articles which might reveal critical information.
Users can also Google the app developer’s name alongside the word ‘scam’ to turn up more specific results.
#5. Make a difference
Finally, if users discover they have downloaded an untrustworthy app, they should act immediately by contacting the App Store or their financial institutions and request a refund.
To help other users avoid making the same mistakes, users can also report fraudulent apps to the App Store or Google Play and leave critical reviews on the app developer’s content.