Saturday, Jan. 28, is International Data Privacy Day, a project of the National Cyber Security Alliance. The idea is to draw attention to all the personal information you own, be sure you know where’s it all located and how secure it is (or isn’t), and to know what you’re doing when you download a new app.
Virtually all apps for download ask the user for permissions to record and use items such as location, contact lists, use of a camera and so on. The longer the list of “permissions,” the more skeptical a downloader should be about the purposes of an app.
For example, if an app that offers free wallpaper for your smartphone also asks for a list of your friends or use of your camera, then something is amiss, and you probably ought to skip it.
There is also a big problem now with fake apps–apps that are simply fronts for more sinister purposes, such as stealing personal information or recording the user’s online usage patterns.
When one searches for an app on Apple or Google’s Play store, there will be a list of apps that resemble the original one, but are actually fake copies. Even if Apple–as well as Google–have a tough scrutiny of apps, new malicious apps nonetheless appear every day.
NordVPN, a virtual private network provider that uses high-level encryption and other security tools, told eWEEK that this month the biggest fake app scandal on Google Play store happened with the Indian BHIM app, which enables citizens to make digital payments. Numerous duplicates soon followed, some of them asking for permissions to review users’ personal information.
If an app is not free, or if it’s a shopping app that requires credit card info, or happens to be any other payment-related app, it is potentially very hazardous for the person who’s downloading a look-alike application, NordVPN said.
It has been asserted that while some apps simply have the aim to share ads, there are also many that seek to steal the user’s identity and credit card information. These apps can use malware to steal personal information or can even tinker with the phone and lock it up until the user pays a ransom.
Here are some simple tips from NordVPN about how to recognize a fake app:
—Incorrect use of language. Since most fake apps are made in haste, often where English is not a native tongue, they might use broken English grammar. Users should pay attention to spelling and grammar in any app descriptions if they have any doubts about its originality.
—Lack of reviews. Fake apps typically won’t have any user reviews, so that’s a definite sign an app could be a fake.
—It’s especially important to pay attention to retail apps. Many fake retail apps pop up before major holidays, such as Zappos, Nordstrom, Christian Dior and many others. Retail apps that ask users for their credit card info should be especially monitored.
—Correct developer’s name. Users need to check for the name of the developer in the corresponding category and avoid downloading apps that have a wrong or misspelled developer’s name.
—Website domains in the title. Some apps will feature the website in their title–that might also be a red flag.
—Variety of Apps. If an app is fake, the developer is likely making all sorts of apps that can cover anything from gardening to games to retail shopping.
—Leading to the website. If it’s a paid app or if it conducts any transactions and if it does not lead to a company website, something is amiss.
—Deals. If the app promotes a deal that is too good to be true, be suspicious.
Overall, staying vigilant when downloading apps is just one example of avoiding threats to your personal data. Internet users can also be proactive in ensuring they are taking additional steps to stay private and secure online.