How to Avoid App Store Scams

Despite Apple’s review process for apps on the App Store, terrible scams sometimes slip through. That’s even more true of Google’s Play Store, where apps aren’t subject to human review before going live. If you’re having a hard time figuring out how to avoid app store scams, you’re not alone. Fortunately, there are some helpful guidelines you can follow to keep yourself safe.

Scam apps come in a variety of forms. Some pretend to be popular, legitimate apps (or even spoof the name of a feature of the operating system itself), only to inject their own obnoxious ads that appear out of nowhere, steal your personal information, or download malware. Other scams offer a simple service, only to charge exorbitant subscription fees before letting users try the app themselves, and then fail to deliver. Regardless of what form the scams take, the best protection is to avoid installing these apps entirely. With that in mind, here are some key signs to watch for.

Don’t Trust Star Ratings on Their Own

Both Apple and Google prominently feature an average star rating for each app, to give you a quick, easy-to-understand idea of how users view an app. An app with an average rating of 4.7 stars is probably more trustworthy than an app with an average 1.7-star rating, right?

Unfortunately, it’s not that simple. Not every star rating comes with a written review, and it’s relatively easy for malicious actors to game the system by generating (or buying) mass ratings to tip the scales. An app with hundreds of bad reviews but tens of thousands of 5-star ratings can seem like it’s very popular, even though most people who have actually used it hate it.

This is what developer Kosta Eleftheriou found while researching an app that had a 4.6-star rating. Eleftheriou found that the vast majority of written reviews had 1-star ratings. Looking at only those ratings that came with accompanying reviews, the app’s rating dropped to 1.6 stars, a massive difference. If an app were legitimately as good as a 4.6-star rating would make it seem, it would be reasonable to expect at least some more positive written reviews, but the majority of negative reviews tell a different story.

This often happens with popular apps that have basic, easily reproducible features. “Most scammers go after high-traffic keywords and categories such as wallpaper, weather, scanner, and VPN apps—to name a few,” says Eleftheriou. “They then look at some of the popular apps and clone their basic functionality, focusing more on how to lure new users in and get them to sign up for the service, hoping they will then forget to cancel or won’t know how.”

Eleftheriou is currently suing Apple over alleged abuses of its monopoly power.

Read Reviews (and Not Just the First Few)

Since star ratings can be gamed to deceive, it’s worth reading the reviews themselves. But if you think that means you can just glance at the first couple, here’s even more bad news: Those can be gamed too. A small cottage industry of review sellers exists so that shady developers can buy fake reviews to boost their app’s performance (or harm a competitor’s), in order to rank higher in app stores.

One common trick for review manipulators is to use dummy accounts to mark a particular fake review as “helpful,” which will make it appear higher in the list of reviews. If you scroll to the review section on an app’s listing, the first few reviews you find can sometimes be artificially pushed higher. Swipe through to see a few more on a scam app’s listing, and you might start to see very different reviews.