With the availability of apps for virtually everything one can think of, there is a deluge of apps that may not necessarily be friendly. There are umpteen apps—notably fitness, news, and weather apps—that leak user data to the developers or third party data monetization companies. Since data is available easily, it can even be intercepted by cybercriminals who can either misuse this data for numerous financial crimes or sell it in the dark web to make easy money.
Rogue Apps on Both iOS And Android
According to a recent study by a security company called Zimperium, one in every 50 iOS apps on corporate devices leak data. While iPhone apps have been known to quietly share location details of millions of users, Android apps are not too far behind. Considering that an average user has about 140 apps installed on her device, it can well translate into a major security catastrophe waiting to happen.
The major app stores do have policies and review procedures in place that reject numerous fraudulent apps. But, given the incredibly large number of apps and updates being added every day, it is likely that not all the functionalities of every app would go through rigorous tests. And to make matters worse, even known app vendors have been caught trying to evade specific functionalities reviewed.
Although user reviews are considered helpful while evaluating an app, there are a number of fake reviews—both positive and negative—that aim to either promote or tarnish the app. There are cases where unauthorised and even paid reviews have been posted. In such cases, it becomes difficult to distinguish between the genuine and fraudulent apps.
Unless, the authenticity and security of an app is established, it may be a major risk for a user—especially in the corporate world—to download an app. The best way out is to take measures to evaluate an app before it is downloaded. There are certain steps that can be taken to identify such scam apps: These include:
- Looking closely at the way the reviews are worded.
- Searching for the credentials of the app developer/vendor.
- Checking if the app vendor has other apps available on the store.
- Searching for “vendor name + scam”.
- Being aware of the user interface trying to trick you emotionally into clicking something (dark patterns) that you normally would not.
- Critically evaluating the freebies or discounts that sound too good to be true.