According to The Washington Post, nearly 2% of the top-grossing apps on the App Store are fraudulent. Market research firm Appfigures suggests consumers have been cheated out of almost $50 million.
Due to the way the app store functions, The Washington Post states that Apple likely retained a 30% cut of the generated revenue from these fake apps. That means that Apple is directly profiting off of these illegitimate applications, which is not a good look.
Due to the lack of competition and monopoly over which apps consumers can access, Apple may be getting lazy with their reviewing process. Rip-off apps or dupe apps with wording changes (e.g., the official app is “YouTube” while an unofficial “You Tube” app also exists) are becoming more common.
Arguments against the tech company say that consumers are being lured into a false sense of security. If these scam apps are making their way onto the App Store charts, more people will download them, and potentially fall victim to fraudulent transactions.
Since The Post relayed the findings of their research to Apple regarding the app scams, 12 of the 18 fraudulent apps have been removed.
Another type of app quietly gaining traction is “fleeceware,” which uses fake customer reviews to rank higher in App Store ratings. This makes the app look legitimate, which in turn convinces customers to pay a higher price for services the app provides. Usually, the services from the fake app are offered elsewhere on a legitimate app.
The Post’s analysis also concluded that while the Google Play Store had 70 fleeceware apps, the Apple Store had almost double the number at 134 apps. Those 134 apps earned a total of $365 million, with the majority of the victims residing in the United States.
While it’s clear that the tech giant should start pouring some of their resources into maintaining better cybersecurity in the App Store, it’s also a reminder to consumers to be aware of what you’re downloading onto your smartphone. When you download apps, particularly ones that require a credit card or other financial information, you should really scrutinize the source.
Do the reviews for the app have grammatical inconsistencies? Is it just the same review posted multiple times? How many overall downloads does the app have, and is there a duplicate app when you search the name?
While it’s frustrating and disappointing to see a lapse in security from such a large tech company, especially at a time when cyber attacks, ransomware attacks and other social engineering attacks are at an all-time high, it’s important to stay vigilant and aware of what’s going on around you.
The consequences of ignoring cybersecurity best practices are real, and they are costly.