While the App Store (iOS) and Google Play ( Android) are considered legitimate application warehouses with strict censorship mechanisms, in reality, many fake applications still pass through the screening round, sneaking into users' devices to steal personal data and money in accounts.
Fake applications are often sophisticatedly disguised as games, photo editing tools, utility software or financial applications.
They have names, symbols and interfaces that are similar to famous apps, even paying for ads to appear at the top when searching.
After installation, users are often required to provide deep access such as Facebook, photos, microphones, GPS location or reading and sending messages, paving the way for sensitive data collection.
Mr. Jake Moore, global cybersecurity expert at ESET Security (UK), commented: "The danger is that many fake applications only activate malware after being downloaded and used for a while.
This helps them bypass the censorship system of the application store. Once they have access to messages, attackers can block the OTP code, steal bank information and make transactions that the victim does not know about.
In addition to stealing information, fake applications also use the trick of automatically registering for payment services or installing tracking codes to exploit user data to serve large-scale fraud campaigns, according to Mr. Moore.
In some cases, they also remotely take control of the device to install additional malware.
Many users have suffered significant financial losses just because they mistakenly downloaded fake applications such as banking applications, e-wallets or e-commerce platforms.
The common characteristic is that victims often subjectively trust the official application store and ignore unusual signs such as strange developers, negative reviews or requests for access rights not related to functions.
To avoid this, Mr. Moore recommends that users should carefully check developer information, downloads, reviews, and update dates before installing.
Only download the application from official sources and recommended by a reputable supplier. At the same time, you should use security software, activate two-layer authentication for bank accounts and emails, as well as regularly review installed applications to remove applications of unknown origin.
In reality, although platforms such as the App Store and Google Play are constantly improving their malware filtering and scanning systems, user vigilance is still the most important "defense line", against increasingly sophisticated and global technology scams.
