Fake AntiVirus App Scams $40,000 in One Week of Downloads

Original article here.

Anyone who knows me or reads this blog on a regular basis understands that I have a bias toward preference for free open source software and that this is one of the many reasons I recommend Android over iOS devices.  However, it is true that the open nature of the Android app world is a double-edge sword, and you do occasionally run across a bad apple (pun intended).

Virus Shield is a perfect example of scammers taking advantage of the system.  Launched on April 2, 2014, Virus Shield claims to “Prevent harmful apps from being installed on your device,” “scan apps, settings, files, and media in real time,” and “protect your personal information,” all with a minimal impact on battery life, and with “No, ZERO pesky advertisements!

Well, those last two statements were true, at any rate.  Problem is, Virus Shield does absolutely NOTHING other than change a big red “X” into a big red check-mark.  That’s it.  It does nothing else whatsoever.  All for the low, low, introductory price of $3.99.  10,000 downloads in one week equals a huge payout for minimal effort on the part of the developer.

So, does this mean I’m going to ditch my Samsung Galaxy for an iPhone and renounce my dedication to the free open source phiolosophy?  Not a chance.  But it does mean I will share some tips on not falling victim to such schemes in the Android world.

  1. Install security apps from a trusted name you recognize, such as AVG, Avast, or any of the other major AV software developers.  Experimenting with generic apps is fine, but not when it comes to the security of your device.  I use AVG and NoRoot Firewall for my primary phone security.
  2. Don’t download any app that requires payment without some kind of trial offer.  This could be a free version with some functions disabled, a fully functional version that only lasts for a short period of time before you have to purchase it, or an ad-supported app with the option to pay for an ad-free version.  You wouldn’t buy a car without test driving it first; your phone apps should be treated the same way.
  3. Research, research, research.  Don’t just blindly download an app and start running it without reading through the reviews and doing some independent research outside of the app store, especially an app you are going to trust to keep your phone secure.  Ask around to friends and family to see if anyone else has downloaded the same app.
  4. If you get a warning while downloading an app that it cannot be trusted, BELIEVE IT and act accordingly.  Even with my knowledge and experience, I attempted to download an app last week that AVG flagged as suspicious.  I did not question that assessment and immediately canceled the download.  There are thousands of redundant apps out there.  Chances are you will find another one that meets your needs.
  5. Be wary of games.  The largest percentage of malware-infected apps are found in the game market.  I only have two games installed on my phone, chess and solitaire, and even they are blocked by my firewall to deny network access.  Again, do your research before downloading any app.

As always, I am happy to answer any questions regarding this subject.  If you have questions about a specific app, please send me an e-mail with the exact name of the app, the name of the developer, and the platform (Android, iOS, Windows, etc.), and I will send you an assessment of its security risk to your phone.

No comments yet.

Leave a Reply