Study warns of surge in fake apps targeting Indian users

Quick Heal Technologies Limited, a global cybersecurity company, has reported new findings on the rapid rise of fake app fraud targeting mobile users across India. Researchers at Seqrite Labs, the company’s malware analysis centre, warn that cybercriminals are increasingly distributing malicious applications disguised as legitimate services to steal personal information, drain bank accounts and compromise devices. These apps, often shared as APK files through phishing links circulated on WhatsApp, SMS or social media, imitate well-known brands to evade scrutiny while concealing spyware, adware or fraudulent billing mechanisms capable of causing significant financial harm.

The scale of the problem is reflected in wider industry data. Apple reported blocking USD1.8 billion worth of fraudulent transactions on its App Store in 2023, while Indian authorities have recently dismantled large-scale scams, including a fake crypto-mining app that defrauded investors of hundreds of crores of rupees. Seqrite Labs notes that attackers are now adopting more sophisticated methods, such as AI-generated five-star reviews to fabricate credibility, deepfake voices and cloned images for enhanced social engineering, and hidden malicious code designed to bypass basic security checks.

Fraudsters routinely impersonate banks, logistics firms and government schemes. One example involved a counterfeit “Pradhan Mantri Yojana Loan” app that used the national emblem to mislead users into sideloading harmful software, resulting in the theft of passwords, contact lists and one-time passwords used for quick account takeovers.

The company also highlights that curiosity and user error remain primary gateways for these attacks, affecting a wide demographic, from older individuals to organisations that rely heavily on mobile applications. Increasingly, attackers blend social manipulation with obfuscated code, turning routine app downloads into opportunities for identity theft, data harvesting or ransomware. Quick Heal reports having tracked extensive campaigns across Asia, including more than 250 fake dating and social networking apps designed to extract personal files.

For users, careful digital hygiene is essential. Apps should be downloaded only from official platforms such as Google Play or the Apple App Store, with close attention paid to reviews, ratings and developer details. Signs of risk include poorly written descriptions, suspiciously repetitive praise or a low number of downloads for what appears to be a well-known service. Users are advised to avoid installing applications via unsolicited links, QR codes or unverified third-party websites.

Any unexpected message or alert should be verified directly through official channels such as a company website or customer support. Regular software updates and features such as Google Play Protect can help identify phishing attempts or apps designed to mimic legitimate ones. When fraud is suspected, police advisories recommend switching to aeroplane mode to restrict connectivity, revoking app permissions, uninstalling the suspicious app and, if needed, performing a factory reset after backing up essential data.

Quick Heal’s latest security features, including AntiFraud.AI and Version 26, are designed to provide real-time detection and blocking of fraudulent apps, websites, payment requests and scam calls. The company says these tools draw on years of analysis of threats such as credential-stealing apps, malware distributed through social media and adware embedded in widely downloaded applications, helping users and organisations reduce their exposure to mobile-based fraud.