Although Google tried to bridge the gap between Android and iOS in terms of security improvements through Play protect, there are many fake apps in Play Store which have millions of downloads by legitimate users. One such app is “Update Whatsapp.” This fake Android app on Play Store which “mimics” the popular messaging app Whatsapp has more than a million users.
Update WhatsApp is a scrapper app where the admin earns through clicks and fraudulent revenue. Many users of Reddit and the users who reviewed the app on Play Store reported it is a fake app which mimicked Whatsapp and spammed with advertisements to download other apps when opened. Later, the developer changed the app’s name to “Dual Whatsweb Update” and its icon. Due to the spam reports, the app was removed from the Play Store later for violating the rules, but not before plenty of people installed and reported it.
This isn’t the only fake Whatsapp app on the Play Store. There are plenty other fake apps reported by users that mimic Whatsapp. Not only Whatsapp, there are other fraud apps which imitates popular social networking sites. Nikolaos Chrysaidos, a security researcher at anti-virus company Avast said that he has spotted a few similarly malicious apps, such as a fake Facebook Messenger app that he said was installed 10 million times.
Security is the one big difference between Android and iOS. Apple does some serious scrutinization before launching the app in its app store. Although Google Play Store has Play Protect, it fails to protect its users sometimes from malicious apps.
“These things are not getting enough scrutiny … why wouldn’t an app that has a huge number of downloads receive a little additional security scrutiny,” cybersecurity expert Stephen Ridley told Motherboard, referring to the latest WhatsApp fraud.
As most of the users see the number of downloads before installing an app, many users have fallen in the trap in this case. Usually, the imitation apps differ only a single character from the original app. Users must be cautious and verify if an app is legitimate before installing it.
In this particular case, although more than a million users have downloaded the app, none of their data was misused instead their app was flooded with annoying popups.