Before you download: Is that app a scam?

Part of the beauty of smartphones is the ability to download apps that do amazing things at the touch of a button—and often for free. But as with most good things, scammers had to go and ruin it for everyone, by creating apps that trick you into parting with your money. In some cases, scam apps might be able to steal your information or install malware on your device.

What is a scam app or fake app?

Scam apps come in various forms and often wear convincing disguises. And unfortunately, they’re common even in the App Store and Google Play Store, which already take stringent measures to vet all apps. A recent analysis by The Washington Post found that nearly 2% of the 1,000 top-grossing App Store apps were scams.

Here are examples of scam apps and fake apps:

Imitation apps

A simple app store search for “Angry Birds” will turn up dozens of knockoff apps. These imitation apps mimic popular apps to mislead users into downloading them by mistake, and then charge money for them.

Fleeceware apps

These types of scam apps charge high fees while offering little or no functionality. One example in the Washington Post article is a paid QR code reader app, which is unnecessary since all smartphones are able to scan QR codes. This particular app had made 879,000 USD off App Store customers. Fleeceware apps may promise a free trial for a set duration but charge you ahead of the end date or fold in hidden ongoing fees without an easy way to unsubscribe. Researchers at Avast discovered that over 400 million USD has been lost to fleeceware apps on both iOS and Android.

Apps with inflated ratings

Sometimes low-quality apps rank well in the App Store or Google Play due to the app maker’s manipulations of ratings. This tactic is nothing new, but nonetheless it’s a method of scamming users into paying good money for an inferior product. 

Scareware apps

In some cases, ads scare users by showing them false messages about detected viruses, with links to the scam app that users think they need to fix the problem. In many cases, scareware points users to fake VPN apps. Another scare tactic is a free app that shows the user fabricated messages about viruses or vulnerabilities, which the user can supposedly cure by upgrading to a paid version of the app.

Fake dating apps

So you download a dating app and an attractive single starts sending you messages. You’re eager to respond—but the app tells you to upgrade to a paid version in order to continue the conversation. Yes, it’s all a scam.

Fake crypto apps

In March of this year, ExpressVPN helped to analyze apps purporting to be crypto wallets. These apps were particularly malicious, as they weren’t scamming users out of app fees but actually getting them to enter their crypto private keys, which unlock their crypto accounts, into the app.

Protect yourself: How to know if an app is a scam

Scam apps are designed to look like the real deal, but there are ways to identify them. Here are a few tips on avoiding fake apps.

1. Don’t take ratings at face value

Ratings are front and center on both the Apple App Store and Google Play Store, and for many users, these are the quickest way to determine if an app is legit. After all, a 4.5-star rated app is bound to be trustworthy, right?

Not quite so. Ratings and reviews may very well be given by dummy accounts used by scammers to create credibility for the app. Telltale signs include single-sentence written reviews and reviews that have nothing to do with the app in question. What’s more, some scam apps can even force users to leave good reviews by withholding app access until the user submits a high rating. 

Reading an app’s most in-depth reviews, especially its unfavorable ones, is a great way to figure out if the app is genuine or not. 

2. Verify the app listing’s details

Fake apps and knockoffs are meant to capitalize on the popularity of prominent apps. If you’re searching for a specific app that’s already well-established, such as a social media app or a banking app, there are ways to make sure you’re downloading the exact one you’re looking for and not a lookalike.

Carefully check its logo, description, developer information, app screenshots, and any other information provided, and compare them against what’s listed on the developer’s official website (if there is one). A quicker alternative is to visit the official website first, then look for its link to the app in the app store.

3. Stick with reputable developers and apps 

It’s a safer bet to go with big developer names like WhatsApp Inc and Google LLC. For more obscure apps, do your research by reading reviews and commentary on forums, YouTube, and third-party review sites. 

If you’re unable to find information about it, it’s probably best to avoid it and look up better-reviewed alternatives. 

4. Be wary of useless apps and oddly high fees

Fleeceware apps often target children as they’re more likely to ignore red flags—such as if a simple game offers a free trial but charges more than, say, 50 USD per month thereafter. Set up your kids’ phones so they can only download apps with your approval, such as with Apple’s Family Sharing system.

If you’ve already installed an app and signed up for its free trial, you can track and cancel your active subscriptions via your device’s settings. Be sure to monitor your payments for any suspicious or unfamiliar transactions for at least a few days afterwards, so you’ll be able to seek a refund from the app store or your bank right away.

Report scam apps

If you identify a scam app or fake app, report it to the app store carrying it and spare no details in your review to help others steer clear of these fraudulent apps.

On iOS, you can report an app by visiting www.reportaproblem.apple.com, signing in with your Apple ID, then reporting the item or app in question.

For Android, you can do it in one of two ways: 

  1. On Google Play Store, first search for the app’s listing > tap on the three-dot menu in the top-right section > tap “Flag As Inappropriate” > select the category for “Harmful to Device or Data” > click Submit.
  2. On the Google Play Store website, search for the Report Inappropriate Apps form and fill in the relevant details.

Other ways to stay safe from scams

Besides knowing how to identify scam apps, there are a few additional measures you can take to enhance your online security, such as using strong passwords with the aid of a password generator, setting up two-factor authentication (2FA) on your accounts, and using a VPN on all your devices.

Ever downloaded a scam app? Let us know in the comments.