New Zealand Law Society - Watch out for those scam apps

In March 2017, it was reported that Google’s application market, Play Store, had 2.8 million mobile apps available for download. The Apple App Store is catching up, with 2.2 million apps available, followed by the Windows, Amazon and Blackberry stores.

At Apple’s last annual developers’ conference, the tech company announced it had paid out US$70 billion to app developers, with 30% of that revenue coming from the last year alone. It’s safe to say app development is a very lucrative business.

However, an article published on blogging site Medium in June has exposed what seems to be a large-scale problem across both companies’ stores: scam applications.

What are they?

Scam apps are designed with the sole purpose of making a profit.

They are flooding the app stores and popping up in search results beside legitimate applications, making it difficult to tell the difference between a legitimate, helpful application and a dangerous bug.

The composition of the applications varies. Some are easy to spot with their spelling errors and poorly phrased five-star reviews. Others are quite the opposite, with some even making their way through to the ‘suggested’ apps filters and getting advertisements.

A very common problem is apps that gather personal information and data and sell it on to third parties, usually advertisers. Others have just been fronts for malware and adware packages, which are then installed on the phone while discreetly hiding behind a fairly bland application.

Malicious applications have even tricked users into using free trials only to then charge up to $99 per week after the ‘trial period’ ends. The apps can also make it very difficult to cancel the trial and, even if the application is uninstalled, users are still charged.

Due to the sinister design model of these applications, a half-decent scam app can make anywhere from $10,000 to $80,000 in one month.

After the Medium article was published, it was noticed that a lot of these scam applications were cleaned out of the App Store. However, much like the Greek monster Hydra, for every head removed, more reappear.

What to look out for

The app’s name

Scam apps pack as many keywords into their names as possible. Much as with a Google search, the aim is to reach the top of the store’s search results so that the app is seen.

Some real-life examples are ‘Protection for iPhone – Mobile Security VPN’ and ‘WEP Password Generator – Wi-Fi Passwords’. If they read like a word jumble, then they ought to be avoided.

The same applies to the product description. Misspelt phrases like “User mus subscriptions to premium version” are obvious signs that an app is probably a scam.

A lot of scammers use organisational apps like calendars, duplicate contact removal apps, antivirus and other security applications. Some brazen developers have even been known to masquerade behind scam-recognising applications.

Who made it?

For the more legitimate-looking but uncommon applications, check to see if the developer is a single person or a company. Most legitimate applications will have an official website address that provides more information about the product.

What permissions (parts of your phone) does it want access to?

Look at the permissions the app asks for and question any that don’t make sense. Why would a calendar merger request access to your camera, microphone or photos? Likewise, if an antivirus asks for permission to access your emails or contacts, you probably shouldn’t download it.

What to do if you’re unsure of an app’s legitimacy

There is a website called SensorTower that can help with this. It provides data on most applications in both the Play Store and the Apple Store.

SensorTower provides access to all user ratings and its data is easy to interpret. You can see what people really think of an application: how it performs, the revenue made, downloads per country, and whether it’s a dead app that hasn’t been updated.

This is also a great tool to check out the performance of legitimate applications. A well-known store might provide an online shopping app, but it could be rubbish and not worth your time.

Of course, not all poorly phrased applications are scams. However, if someone hasn’t put much effort into the presentation of their product, it might not be worth downloading.

The moral is that while technology and applications can make our lives much better, there is always going to be a downside.

Nowadays we just download things without reading the information, assuming all will be fine. If you’re unsure about an application, make sure you read the fine print, and the very fine print, because you can never be too sure about what strings might be attached.
