How to identify and avoid fake Android apps in Play Store

The fake Android app in Play Store is always a problem. Phishers create design applications that look like real applications, often using the same icon and name, to trick users into downloading and then attack them with ads (or worse) , are malware).

Recently, this issue is especially prominent when users discover a fake version of WhatsApp that was downloaded by more than a million people last year and only in the past few weeks, Reddit's community / r / android found one Fake version of the popular SwiftKey keyboard and VLC version on Play Store. These applications were then removed. These types of applications will steal all of the user's personal information, track every move they have made, or even worse.

So how do these fake applications trick so many people, and what can you do with it?

How these applications scam users

The fake version of WhatsApp - arguably one of the most successful fake applications - is virtually indistinguishable from the real application. Even the developer's name is identical. The fraudulent company has placed a hidden special character at the end of the developer 's name that looks like "WhatsApp Inc.", but technically the two names are different due to the hidden space at the end of the name. This method is very smart.

Left: List WhatsApp Inc. legal; Right: Fake list.

This fake application has been downloaded more than a million times before Google removed it from Play Store. This fake application is loaded so much because it is so similar to the real application from the icon, the sound to the developer name.

The fake VLC mentioned above is slightly different. It uses the open source code of VLC and the icon of Media Player Classic and has more than 5 million downloads. This application has very few features of a music player, it contains all ads and uses other music emitters.

Although this application does not steal data or contains malware, it is still a fake application used to make money. These fake developers are taking over the work of legitimate developers, filling applications with advertising and taking advantage of it to make money. This is really condemning and very happy that Google did the right thing to delete it from the store.

What is Google doing to combat this problem?

This is not a new issue, in fact, it has been happening for years. Luckily, Google is starting to solve the problem with Google Play Protect - a security system for verifying applications in Play Store. It scans applications when inserted into Google Play, which can eliminate many other fake and malicious applications. Google also said it removed more than 700,000 malicious applications last year. However, there are still a large number of fake applications that have passed that test.

1. Google Play Protect - useful feature to help protect Android device

Play Protect was announced less than a year ago, so it is still a relatively new system. We just hope Google uses this system to find ways to better control malicious content in its official app store.

How to know and avoid fake apps?

Although Play Protect can protect users from fake applications, you should not be too dependent on it because there are always fake applications that try to bypass this 'protection barrier'. Therefore, it is better for users to take the time to view the application list before installing. Here are some ways to help you avoid fake apps.

Take a closer look at the search results

If you search for apps in Play Store, you should take the time to look through all the items, especially looking at the same icons.

Fake applications often use icons from the applications they mimic, so you should question whether there is more than one same icon appearing in the results list (assuming the second set of applications Not the pro version of the application). This is the first way fake applications reach users.

If the icons are the same, consider their names.

Check application and developer names

Consider the app and developer names. In the case of fake WhatsApp, the developer name is identical, but the name of the application must be red flagged because no legitimate application has the word 'Update' in its name.

The fake SwiftKey application has been developed recently called 'Swift Keyboard'. This application confuses users with the real SwiftKey application. But the developer name is "Designer Superman", users can recognize it. This is a fake application because SwiftKey is developed by a company with the same name (and owned by Microsoft).

If the user cannot distinguish the fake application from the developer name, you should also check their other application. You can do this on the web by clicking on the developer name on the Play Store list or on the phone just scroll down to the end of the app list to see other apps from that developer.

Check the number of downloads of the application

If you are downloading a popular application, look at the number of downloads. Suppose you are installing the Facebook application - one of the most downloaded apps in Google Play with over one billion installations at the time of writing.

But what if the list you're looking for has only 5,000 downloads? Yes, this may be the wrong list because there are very few cases where a fake application can 'exist' in the Store for a long time to receive so many downloads, so this is an easy way to recognize fake when you search for a popular application.

However, when looking for an uncommon application, this way doesn't help you much. Of course, a fake application has fewer downloads than the application it mimics, so you should still pay attention to the numbers.

Read the description and look at the screenshot

This is an important step. If everything you check above is the same, try viewing the application description. If you find that the application is described in mechanical words or written in English in a sloppy, error-free manner, you should flag the application.

Most legitimate developers clearly describe what their applications provide. Most of these descriptions are written in a clear, neat layout. Again, if you see something strange here, that might be a fake application.

This also applies the same to the application screenshot. However, fake developers can steal those images from the legitimate Play Store list (like icons) but you should take a closer look. For example, take a look at the fake SwiftKey we talked about earlier:

The image looks pretty, but "Typing like flying Swift" "? What does this sentence mean? A meaningless sentence, so you should not install this application.

Finally, read user reviews

After reviewing all the details, take some time to read some reviews. Fake applications will often have fake reviews, but there may also be some comments from users who realize this application is not real after installation. Browse fast and see the negative reviews to see what the problem is. If it's a fake app, you can hope someone wrote a review in the review.

What to do if you detect a fake application?

If you discover a fake application, there are some things you need to do (other than knowing and not installing it). The first is to report this so that Google knows it's fake. To do this, scroll to the bottom of the page (on the web or on a mobile device) and click or tap " Flag as Inappropriate ."

On the website, after clicking it will take you to the Google Play help page to click on the "r eport the developer reply form " link and fill out the form.

However, on mobile phones, this operation is much easier. After clicking Flag as Inappropriate , select the reason you are reporting a fake application, for example using the " Copycat or Impersonation " option.

Touch to send, and it will be transferred to Google.

Now you should do your part, share this information on Twitter, Reddit, Facebook, or anywhere else. The best thing you can do is raise people's awareness, because then many people will report applications for fraudulent activities. In return, Google should react faster. Developers of legitimate applications often give their opinions and support in such cases.

This article has shown you some ways to test fake applications, so check carefully before installing the application. And finally, if you're still not sure, just don't install the application. Alternatively, you can access the application's home page (like SwiftKey.com) and click the " Get it on Google Play " button, to make sure you get the right application.

I wish you all success!

See more:

1. Decode all errors that appear on Google Play and how to fix them (Part 1)
2. Instructions for installing Google Play Store yourself
3. How to download applications on Google Play Store?