Cybercriminals will try any means necessary to dupe users into installing a fake app. 

Social engineering tactics

Cybercriminals will send emails and text messages that appear to be from legitimate sources to trick users into downloading fake applications. 

Third-party app stores

These legitimate-looking apps can also be hosted on third-party app stores. 

Malicious actions performed by fake apps

Display advertisements

Some fake apps contain adware which automatically floods the unsuspecting user with hundreds of pop up ads to gain advertising revenue.

Infect devices with malware

Fake apps are capable of infecting devices with malware and harvest personal information and sensitive financial data.

Take control of the mobile device

Some fake apps can gain complete control over the victim’s mobile device and provide remote access to the cybercriminal.

Facilitate ‘man-in-the-middle’ attacks 

Many mobile apps are vulnerable to man-in-the-middle (MitM) attacks. MitM attacks allow attackers to intercept communications or alter them secretly and can be used to steal login credentials or personal information, spy on the victim or sabotage communications or corrupt data.