How Holiday Shoppers Can Protect Themselves From Fake Apps

Fake apps are posing as stores that could steal money and personal information.

November 11, 2016, 10:37 AM

— -- Holiday shopping is underway and this year, more people are tapping into their smartphones to get the job done. But buyers beware — there are fake apps posing as stores that could steal money and personal information.

“You have ID theft, personal information being leaked, you have credit card theft where your number can be used once you’ve given it out and even counterfeit items so if the sale does go through, you may get an item that is not legitimate,” Andrew Blaich, a researcher at Lookout security firm, told ABC News.

Also, some apps ask for permission to access other information on a phone such as for the ability to track the user.

Branding Brand, a builder of retail apps, looks for these impostors.

“We discovered over a few hundred apps that were counterfeit,” said Chris Mason, CEO of Branding Brand. “This is between both the iOS store for Apple and the Android store for Google.”

Researchers found fake apps pretending to be from Ugg, Dillards, Dollar Tree, Zappos and New Balance.

“The consumer should be worried because this is a game of whack-a-mole,” Mason said. “New apps are arriving every day while other ones are being taken down. And the trend seems to be that this will be a problem for this upcoming holiday season.”

Some of the counterfeit apps discovered were for Android and others were for the iPhone, which may surprise Apple users who tend to think their apps have been vetted by the company's App Store.

“We’ve set up ways for customers and developers to flag fraudulent or suspicious apps, which we promptly investigate to ensure the App Store is safe and secure,” Apple told ABC News.

Google also told ABC News, “"We take security seriously and Google Play automatically scans for potentially malicious apps as well as spammy accounts before they are published on the Google Play Store. We do this to protect our users. App are specifically reviewed for compliance against our Google Play Developer Content Policy and Developer Distribution Agreement, which prevents things like apps that are impersonating legitimate companies or deceptive behavior. We also introduced a proactive app review process to catch policy offenders earlier in the process and rely on the community of users and developers to flag apps for additional review."

Despite the recent takedown of many of the fake apps, ABC News found some of these impostors still active this morning.

Tips to protect yourself from fake apps:

To find a legitimate app, use your browser to go to your favorite brand’s website and look for a link to its app there. Going through the front door of the retailer’s site ensures you’re getting the real app.

Next, click on the publisher, which is listed under the app’s name. If this is its only app or the others they list don't look legitimate, that is a red flag.

Finally, read the reviews, but don’t rely on them exclusively. Fake app makers write their own glowing, positive reviews. Trust your gut and be cautious.

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events