Fake Retail Apps Are Here, Just In Time For Christmas

apple-app-store-google-play

The holiday season has arrived — meaning sales, snowflakes, good cheer, Christmas carols and fraudsters working day and night to break open your bank account through a variety of creative means.

One of this year’s favorites so far, according to reports in The New York Times, has been fake retail and product apps popping up in the Apple App Store of late.  They sometimes pretend to be real retail chains like Dollar Tree and Foot Locker, or big department stores like Dillard’s and Nordstrom, or online product bazaars like Zappos.com and Polyvore, or even luxury brands like Jimmy Choo, Christian Dior and Salvatore Ferragamo.

“We’re seeing a barrage of fake apps,” said Chris Mason, chief executive of Branding Brand.

Not all are theft-oriented — some are essentially harmless spam apps. But some are not so harmless, as they take credit cards that can be reused fraudulently, or install malware that can steal personal information or even lock the phone until the user pays a ransom.

The rogue apps mostly originate in China — and tend to be well-designed to slip through Apple’s process for reviewing all app store items.  That scrutiny in the App Store is one of Apple’s main selling features over the Google Play Store — and in theory, Apple software is supposed to stop deceitful apps or those that improperly uses another company’s intellectual property.

Reality is different than theory, however. Apple mostly focuses on blocking malicious software, but it’s more lax about watching out for other violations within the app store.

With apps becoming more popular as a way to shop, it is up to brands and developers themselves to watch for fakes and report them, much as they scan for fake websites, said Ben Reubenstein, chief executive of Possible Mobile. “It’s important that brands monitor how their name is being used.”

Apple removed hundreds of fake apps last week after the Times inquired about the specific app vendors that created many of them.

“We strive to offer customers the best experience possible, and we take their security very seriously,” said an Apple spokesman, Tom Neumayr. “We’ve set up ways for customers and developers to flag fraudulent or suspicious apps, which we promptly investigate to ensure the App Store is safe and secure. We’ve removed these offending apps and will continue to be vigilant about looking for apps that might put our users at risk.”

Despite Apple’s efforts, new fake apps appear every day, as fake appsters are full of creative ideas about how to get around security.

“It’s a game of Whac-a-Mole,” Mr. Mason of Branding Brand said.