It feels like pretty much every major chain retailer out there now has an accompanying app they want you to download to your phone. These are supposed to enhance your shopping experience, provide you with targeted discounts, and provide the retailer with a wealth of useful data. What they aren’t supposed to do, though, is steal your private information — but there are a whole lot of clones out there that do just that, and in the run-up to the holiday shopping season, they’re popping up like mad.
Counterfeit and clone apps have always been endemic to the ecosystem of your phone. While they’re known more for showing up on Google Play and Android devices than on iOS and Apple ones, neither system has ever been completely immune. Meanwhile, we’re barreling into the time of year where basically everyone starts doing a whole lot more shopping, and that means more people are going to see “download our app now and save money” signs at the stores they visit.
The combination of the two makes this the prime moment for fakes to start showing up in droves, the New York Times reports.
Some of the fakes are comparatively harmless. They don’t do anything for you, but they don’t really do anything to harm you other than displaying a whole bunch of annoying ads.
Others, however, are downright dangerous. Putting payment card information into a fake app is basically like having it stolen. Some fake apps are malware that can steal information from your phone, or ransomware, that can hold your device and its contents hostage until you pay up.
Apple has, metaphorically, a higher wall around its garden than Google does. It’s easy by design to put new apps on Google Play; reaching the App Store for iOS devices, though, theoretically comes with a stricter review process.
That said, the NYT points out, Apple doesn’t have dedicated personnel screening every single app every single day, and plenty that aren’t obviously malicious right on the face of them will get through.
The NYT points out that Apple quietly removed hundreds of fakes and clones after the paper asked about them, and that more were removed after another media outlet highlighted them last night.
Both stores that do and don’t have real apps have clones aplenty looking for you online. Dollar Tree has no official app, for example, so the one that consumers find on iTunes can grab everyone.
Others are more pervasive in a different way. Foot Locker has three official apps, the NYT explains, but there are 16 clothing- and shoe-related apps that are made by “Footlocke,” many of which are designed to look like legitimate apparel retailers.
In the long run, though, the onus is still on consumers to read very, very carefully before they install any software. Its users’ responsibility to flag anything suspicious, and to double- and triple-check anything before agreeing to it.
“We’ve set up ways for customers and developers to flag fraudulent or suspicious apps, which we promptly investigate to ensure the App Store is safe and secure,” a spokesperson for Apple told the NYT. “We’ve removed these offending apps and will continue to be vigilant about looking for apps that might put our users at risk.”
Beware, iPhone Users: Fake Retail Apps Are Surging Before Holidays [New York Times]