Fake apps loaded down with malware are on the rise…again. What’s worse, new techniques are getting those malicious apps more and more visible, so that unsuspecting team members could easily download them without noticing anything’s wrong.
This time there are two distinct elements you need to understand so you can keep your company and data safe. We’ll discuss the apps themselves first, then we’ll dive into SEO poisoning (the technique the bad guys are using to get these apps found).
Problem #1: The Apps Themselves
So what exactly are these apps? They look like apps your team needs to get work done, like WhatsApp, Chrome, and so on. Even apps we look at as extra secure, like Signal or Telegram, are getting spoofed.
Of course, these aren’t the real versions of those apps. They won’t work well or fully, so eventually it might become obvious that something nefarious is happening. But maybe not: it could be that an unsuspecting user tries to install and open the app, then gives up when it seems like nothing’s working.
No matter how much or how little these apps function like the real thing, they do work well enough to do a few things, and they’re all bad for you and your business. For starters, maybe the app isn’t real, but it’s really installing something. At a minimum, simply installing the malicious apps can load your device down with malware. That’s bad enough news: malware can steal your data, watch what you do on your device, or even turn control of your device over to the attackers controlling the malware.
Imagine how powerful a tool like this could be in the wrong hands: you work hard to protect your accounts and credentials, but with the right malware, bad guys can see every character you type — including usernames and passwords.
Problem #2: How the Apps Find You
At this point you may be thinking, “Sure, scammy apps are bad, but my team knows better. They aren’t downloading from super sketchy websites, so they’ll be fine, right?”
We wish it were that simple, but no.
What’s happening here is something called SEO poisoning. Essentially, hackers abuse the techniques that legitimate companies use for search engine optimization (SEO). That’s stuff like making sure your website has the right structure and uses effective content relevant to your audience — stuff like this blog post, to be honest.
Scam websites aren’t supposed to show up high in search results — the big search engines don’t want that. But by weaponizing legitimate techniques, they poison search results and get their illegitimate sites and apps ranked high up, close to or even above the real thing.
None of this works for all that long: as soon as the big search companies identify a fraudulent site, they blacklist it. But in the short term, lots and lots of users may end up on the wrong site, downloading the wrong app.
The way people search is changing, too: as SEO evolves to include AI search (GEO and AIEO), scammers have even more new ways to reach users by gaming search results.
How to Avoid Fake Apps
The best strategy for staying safe is to stick to primary sources. In other words: you’ll never end up with a fake version of Whatsapp if you manually type in the actual URL (whatsapp.com) and download from there. The trouble comes when people search for that app somewhere else.
Of course, strong cybersecurity protections can help to block malicious applications even if you or your team stumble across them. We can help you tighten up your security and avoid the latest threats. Reach out anytime!