BBB Warns: Beware of Fake Shopping Apps

  
     
Who downloads apps? The question really should be who doesn’t?
November 16, 2016

According to comScore, Inc., sales made through mobile devices increased 56 percent last year and will certainly jump again this year. BBB warns crooks are exploiting this trend by creating fake retail store shopping apps that cause a variety of problems for people who download them.

Tell us about the problem:

  • It’s happening with the Apple App Store and Google Play.
  • Apple has shut down hundreds of fake apps in the past few weeks, but new ones keep popping up.
  • They’re straining Apple’s defenses because:
    • It looks for malicious code, but while the intent of the apps is malicious, there’s no malicious code in them.
    • Developers can change apps after Apple approves them.
    • After Apple shuts one down, the crooks often create a slightly different one.
    • The sheer volume of new apps in general makes policing them harder.
  • The problem seems to be greater with retailers who don’t have a mobile app, like Dillard’s, Dollar Store and Coach.

Who are some of the retail stores that have been impersonated?

  • Chains such as Dillard’s, Nordstrom and Foot Locker.
  • Online retailers like Zappos and Polyvore.
  • Luxury retailers like Jimmy Choo and Salvatore Ferragamo.
  • Even Kroger.

What can happen to people who download a fake shopping app?

  • Get hit with pop-up ads that generate advertising revenue for the developers.
  • Give their credit card information to crooks.
  • Have malware installed on their mobile devices that steals other sensitive data.
  • Have their phone locked up until they pay a ransom.

What’s your advice for people considering downloading a retail store shopping app?

  • Be judicious in downloading an app.
  • If you have any doubts about its legitimacy, go to the retailer’s website and see if they promote it.
  • Check reviews of the app before downloading it. If there are no, few, or bad reviews, take a pass.
  • Be wary if there’s only one app for a major brand. For the most part, companies will have many or none.
  • Watch out for misspellings and other typos that indicate the app developer is overseas. That by itself is not a problem, but most of these phony apps come from China.
  • Be wary of apps that ask for too much information, including permissions to access your contacts, social media profiles and location. Retail store apps shouldn’t need that information to process your purchase.
  • Be wary linking credit card or other payment information to any app.

The impact on people who download a fake app ranges from nuisance to really bad, including:

  • Getting hit with pop-up ads that generate advertising revenue for the developers.
  • Giving their credit card information to crooks.
  • Having malware installed on their mobile devices that steals other sensitive data.
  • Having their phone locked up until they pay a ransom.

For more information please visit bbb.org/atlanta.