Online apps

Where you download apps from and how you use them plays a critical role in keeping your mobile phone secure.

Malicious apps will try to steal personal information from your phone and could expose your device and data to malware.

Malicious apps can pave the way for attacks ranging from unwanted pop-up ads to more serious efforts to steal personal and financial data, or lock your files and demand a ransom for the key that allows you to regain access to them. 

Many apps include advertising which, although legitimate, can be used to promote other malicious apps, or collect large amounts of data that can be exploited to carry out cybercrime.

You should closely review each app before downloading it for indications it may be fake. Some fake apps may be identified by poor grammar or spelling, or by the use of names very similar to those of recognised brands.

If you are not sure if an app is legitimate, contact the business the app claims to be from by first searching on the internet for their official website and contact details.

While Apple’s App Store or Google Play for Android are recommended official stores to install apps from, you should be mindful that fake, impersonating or malicious apps can still make their way onto any app store.

Staying safe

Before downloading a new app, take a few minutes to do your online research:

  • What do reviews from others say about the name of the app or its developer?
  • If in doubt, search for the web page of the developer. Lack of details about the developer, with links that go to legitimate sites instead, can be a red flag.
  • If an app is trying to impersonate a trusted brand, you may be able to see inconsistencies between the product and service offerings compared to what is on the business’ official website.
  • Look at comments from when the app was launched. Reviews in quick succession of launch are sometimes a warning it’s fake.

You should also:

  • Avoid installing apps from links in emails, social media, text messages and websites that look suspicious.
  • Use your device’s automatic update feature to install new applications and operating system updates as soon as they are available.
  • Read the fine print about how an app will protect your personal data—some apps collect information such as your location, contacts, and other sensitive details like credentials. At the end of the day, if you are not comfortable with how your data is protected, don’t use the app!
  • Make sure you review and manage permissions for each app you download. On an iOS device go to 'Settings > Privacy'. On an Android device go to 'Application Manager' and follow the prompts.
  • If the permissions required by the app seem excessive compared with what activities you’ll be using the app for, it may be a sign that it’s not a trustworthy app.
  • Do not remove hardware restrictions—known as ‘jailbreaking’ on Apple phones and ‘rooting’ on Android phones—to install unapproved third party apps. This makes your phone more vulnerable to malware as it reduces the in-built security protection.
  • Uninstall apps when you no longer need them.
  • If you suspect a fake app impersonating a trusted brand is available on an app store, contact the organisation that the app claims to be from, through contact details sourced from an official website.

More information

Learn more about using mobiles and tablets and protecting yourself from malware.

Stay Smart Online also has information on protecting your information online.

Report an incident

You can report a cybercrime to the Australian Cybercrime Online Reporting Network (ACORN) and a scam to the Australian Competition and Consumer Commission