Cybercriminals will try any means necessary to dupe users into installing a fake app.
Social engineering tactics
Cybercriminals will send emails and text messages that appear to be from legitimate sources to trick users into downloading fake applications.
Third-party app stores
These legitimate-looking apps can also be hosted on third-party app stores.
Malicious actions performed by fake apps
Display advertisements
Some fake apps contain adware which automatically floods the unsuspecting user with hundreds of pop up ads to gain advertising revenue.
Infect devices with malware
Fake apps are capable of infecting devices with malware and harvest personal information and sensitive financial data.
Take control of the mobile device
Some fake apps can gain complete control over the victim’s mobile device and provide remote access to the cybercriminal.
Facilitate ‘man-in-the-middle’ attacks
Many mobile apps are vulnerable to man-in-the-middle (MitM) attacks. MitM attacks allow attackers to intercept communications or alter them secretly and can be used to steal login credentials or personal information, spy on the victim or sabotage communications or corrupt data.