New scams pop up all the time, and when they disguise themselves as communications from legitimate brands and service providers, they become harder to spot and easier to fall for. The threat is real, and falling for a scam could cost you a lot of money.

The latest malicious fraud going around could allow a cybercriminal to take control of your phone and gain full access to all your bank accounts and personal information. Be on high alert if you’re asked to download an app on your phone to get access to an offer that seems too good to be true.

Even if it appears to come from a reputable company that you’ve bought from in the past, you must take precautions before you download a new app. Often, app downloads require you to accept several permissions on your mobile device, which can give fraudsters access to your phone – so be wary when you’re asked to give these permissions.

Understanding fake app download scams

Fraudsters can now make images and videos look more authentic, which enables them to disguise themselves as well-known brands. They often steal real images from the brand and create similar adverts and apps – with company logos and legitimate-looking content created with artificial intelligence software – to establish credibility. It can be easy to overlook the warning signs, especially when you’re excited about a good deal, but fake apps can put your data and privacy at risk.

Scammers use these fake identities to offer tempting deals on social media and other messaging platforms, and they also target victims through direct marketing. You might get a call or email from someone claiming to represent a popular streaming service, a well-known airline, or even a big chain store. They’ll get you hyped up with offers of discounted subscriptions or free tickets and vouchers. They might offer you entry in competitions with big prizes. But these offers come with a catch – you’ll need to download an app to participate.

There are many of these fake ads on social media, targeting anyone looking for a good deal. However, scammers also cold call their victims with these ‘special offers’. If you respond to an ad or show interest in the deal on the phone, the scam will quickly move to the next phase and invite you to chat on WhatsApp or other messaging platforms. There, the con artist will send you a link to download their app and ‘unlock’ your rewards. In reality, you’ll be downloading a malware app.

This is what makes this scam so dangerous. When you click on the link, the app will ask you to approve quite a few permissions. This is standard when you download a new app – most will ask for access to your phone’s functions so they can operate properly. And ideally, you should read every line of what you’re agreeing to on those permissions before you accept them.

The dangers of approving fake apps

But many of us still click and accept permissions without knowing what we’re giving approval for, don’t we? There’s just so much to read, every time you install a new app or update your device. If we’re interacting with a brand we’ve used before and have grown to trust, it just seems so much simpler to select ‘accept’ on every permission and get the app working as fast as possible.

That’s what the scammers are counting on. By accepting these permissions, you could be giving them full access to your device. They can install malware and spyware, which can compromise any sensitive data stored on your phone, like your banking information, home address and credit card details. The malware will send all your information to the fraudster, and they could use it to get access to all your bank accounts. You may not even realise that your security has been breached until it’s too late.

Staying informed: Latest scam prevention tips

Stick to official app stores

Download apps only from trusted sources like Apple Store, Huawei AppGallery, Galaxy Store or Google Play. These platforms have strict security measures that help weed out malicious apps. If you receive a link to download an app from somewhere else, don’t tap on it – instead, open your app store using the store app icon on your phone and search for the app you need to install.

Listen to your device

Most smartphones are designed to protect you from threats and come with preinstalled security apps. If your phone warns you about installing an app from an unknown source, don’t ignore the warning. Always read pop-up messages, and don’t just tap ‘accept’ to get rid of the pop-up. If in doubt, check directly with the company that claims to be running the promotion.

Verify unusual offers

If you receive an offer that seems out of the ordinary, it’s always best to check with the company supposedly offering the deal. Most reputable companies won’t ask you to download an app through a link sent in a text or WhatsApp message, or a social media direct message. A quick call or email to their official customer service centre can save you a lot of trouble.

Check app permissions

Be cautious of apps that ask for too many permissions and read them all carefully to know what you’re agreeing to. For example, a travel app probably doesn’t need access to your microphone or camera. When reading through the permissions, ask yourself if they make sense for the app you’re downloading.

What to do if you’ve downloaded a fake app

As with any instance of fraud, if you think you’ve accidentally downloaded a fake app, act fast.

• Delete the app: Delete the app from your phone and clear your cache. Go into your phone’s settings and check your list of downloaded apps for any hidden apps that may have been installed without your knowledge.
  
  
• Change your banking passwords: Secure your accounts by changing your digital banking passwords immediately, using a device that hasn’t been compromised by the fake app. If possible, enable 2-factor authentication for extra security.
  
  
• Update your software: Make sure your phone's software is up to date. Software updates usually fix any security loopholes and update the onboard antivirus software, which can scan for malware and remove it before it can do more damage.
  
  
• Report suspicious activity: If you receive a suspicious message or app download request, report it to your bank’s fraud department right away. Send any suspicious messages to phishing@nedbank.co.za.

Stay safe

These steps can help prevent further damage, but the best approach is to avoid these scams altogether by being cautious and aware of the tactics that fraudsters use. Stay alert, only download apps from trusted sources, and always read through the app permissions before you tap ‘allow’. Unfortunately, if you download a fake app that compromises your digital banking security, you will be liable for any losses you may suffer. Always take the time to verify any offer before giving a new app access to your digital devices.