Do app stores have fake apps?With the holiday season underway, Americans have begun holiday shopping. This means that a number of shoppers are looking for the best deals. While some people prefer to shop at brick-and-mortar stores, others prefer to shop in their living room through the Internet using their computer or a mobile app on their smartphone. Although shopping through an app can be extremely convenient, some shoppers are starting to encounter one of its downsides — fake apps. The New York Times and a slew of other news outlets reported earlier this week on the proliferation of fake apps, posing as legitimate apps for stores and brands, in the Apple app store. What are these bootleg apps, and what exactly do they mean for consumers? Read below to learn about these strange apps and how to protect yourself from them.

What are fake apps?

This isn’t the first time we’ve seen knockoff apps pop up in app stores, as a phony Pokémon Go app popped up in foreign app stores in July. Luckily, in the most recent instance, Apple was quick to remove the bootleg apps after the Times’ inquiry. While the true purpose of these newly-discovered apps isn’t know, there are a couple reasons why a thief would create such an app. Some copycat apps are only designed to annoy users with pop-up ads (but it should be noted that they could be malvertisements), while others aim to actively swindling shoppers into buying phony items to steal personal and financial information. Thieves may also use fake apps to infect your device with malware that takes over your phone and hijacks all of your data, similar to ransomware. Since fake apps have the ability to be rather dangerous, it’s important for consumers to know a little more about them and how to spot phony apps, especially as they use their devices to make holiday purchases.

Why are fake apps becoming a growing problem?

For Android users, fake apps are par for the course. Google’s ecosystem, with its higher degree of customization and more open structure, has simply been susceptible to frequent publishing of fake apps. But for Apple users, this is becoming a new norm. Fake apps have snuck into the app store before, but apparently not on this scale. Apple has what is called a “walled garden” approach to its application ecosystem, meaning the company gives a high degree of scrutiny to the many apps requesting to be in the app store. There has been some speculation about Apple’s lowering of the garden wall – assuming Apple isn’t planning to break it down entirely – in order to help the company compete with other mobile platforms. This year Apple has made a push to review all 2 million apps in its store, which hopefully should help, but experts have noted that Apple is only good at catching overtly malicious apps through its processes (as opposed to knockoffs and clones).

How can you protect yourself from fake apps?

While a good majority of the legwork involved to fight off these fake apps must be carried out by the app store provider, as consumers we also have a role to play. In order to protect ourselves, we must be extra careful about what we install on our phones and make sure we’re not using jailbroken devices. These steps should help to keep bad apps at bay, which will protect your identity and device.

1. Read app descriptions carefully. All applications feature the developer’s name, the company they’re affiliated with and the name of the app as well as key features and descriptions. Before downloading an app, make sure you at least skim some of these details and keep an eye out for inconsistencies or odd aspects. For example, a number of the phony apps that appeared in the Apple app store earlier this month had funny variants of companies’ names in their description (like Overstock, Inc. as opposed to Overstock.com, Inc., the real company name). While a minor detail like that may be hard to determine if the app is legitimate, a quick Google search can help you learn what the company’s official name is so you can confirm it matches the name in the app store. If you want to do some shopping with a specific company, like Nordstrom or Amazon.com, it might be safer to just go to the company’s web page on your mobile device and click a download link for the app from the site instead of simply searching through the app store — at least this way you know you’re getting a legitimate app.

2. If you’re not sure it’s a safe app, consider alternate methods of shopping. Your online activity, regardless of what device you’re using, can easily be compromised, either through phishing or other types of hacker exploits. As such, it’s always best to play it safe if you’re unsure about the legitimacy of an app. The same rule goes with any website, as shopping online in general has risks. Follow our guide to safe holiday shopping to learn more about how you can securely shop online an off.

3. Keep up with your bank or credit card statements. If you accidentally downloaded a phony app and made a purchase, one of the easiest ways to detect it early is to check your bank and credit card statements. Be sure to look for any purchases you don’t recognize, and if you spot any, contact your bank immediately to inquire about it. Similarly, you’ll want to make sure the store you purchased the item from is the store listed on your statement. For example, a purchase you make from Overstock.com should be listed as such on your statement. So if your statement says Bob’s Money Making Machine instead of Overstock.com, you’ll want to contact your bank immediately, as it’s likely that you downloaded and purchased something from a phony app or website. Regardless of whether you’re shopping in store or using the phone in your hand, it’s always a good idea to be aware of what’s going on with your bank accounts and credit cards throughout the holiday season and beyond.

Keep up with our technology blog for more information about staying safe while shopping online and other online-safety tips.