Forget Farmville or Angry Birds. One of the most popular games on Facebook is now Candy Crush. I’ve never played any of them, but I see my friends on Facebook unlocking new levels regularly. (I confess to playing Scrabble and Lexulous, and I’ve played Words With Friends once or twice.)
Like any popular trend, fashion fad or major news event, though, Candy Crush has attracted imitators. Some critics are calling attention to the potential for invasion of privacy – or worse – from some of these copycats.
An article on the website viruss.eu this week called attention to fake Candy Crush apps popping up online, as cybercriminals attempt to capitalize on the game’s popularity, the article said. The apps include computer code for ad networks, which cybercriminals could use for their own nefarious purposes. The apps also can collect information about users that they might prefer to keep private.
The apps apparently tend to target users of Android phones more than other smartphones, the article says.
Fake or malicious apps are hardly new. Researchers have found more than 290,000 malicious apps, with about 68,000 of them still available in the Google Play store. Some come disguised as games, media player apps, even security programs.
What can consumers do to avoid fake apps? BBB has the following recommendations:
- Only download apps from trusted, well-known app stores and recognized developers. This isn’t fail-safe, but it’s a start.
- Be sure to read the app page before you download it. Look at the developer’s page and any comments on the app. Other users’ comments could inform you of bad experiences with the app.
- Install security apps on your devices. These can detect and delete malicious or high-risk apps.
- As you install apps, make sure you check out any permissions they ask you to grant. If you’re not comfortable with any of the permissions, don’t grant them and consider deleting the app.