App Store Scams: Fake Apps That Steal Your Data
Google removed 2.3 million policy-violating apps from the Play Store in 2025. Apple rejected over 1.7 million app submissions for fraud or privacy violations in the same period. Despite these efforts, scam apps still slip through — and millions of people download them before they're caught.
Fake apps are no longer limited to obscure third-party stores. They appear in official app stores, sometimes with thousands of fake reviews and professional-looking screenshots. Some even climb to "top charts" positions through coordinated download campaigns.
Found a suspicious app or message about one? Paste it into our free scanner →
Fleeceware: The Subscription Trap
Fleeceware apps offer basic functionality — a QR scanner, PDF reader, flashlight, or photo filter — behind an absurd subscription paywall. They lure you in with a "free trial" that charges $50-$100 per week if you don't cancel within 3 days. The cancellation process is deliberately confusing, and many people don't realize they're being charged until they check their credit card statement months later.
A 2025 study by the cybersecurity firm Avast found that fleeceware apps had been installed over 600 million times and were generating an estimated $400 million annually in fraudulent charges. Common categories include:
- QR code scanners (your phone camera already does this)
- Photo editors with basic filters
- Horoscope and fortune-telling apps
- Calculator and flashlight apps
- Music downloaders and video players
Before downloading any app, check whether your phone already has that feature built in. Most "utility" apps on the store duplicate functionality that's been native to iOS and Android for years.
Think it might be a scam?
Paste it here for a free, instant verdict.
Free · No signup required · Cmd+Enter to scan
Copycat Banking and Finance Apps
These are the most dangerous app store scams. Fraudsters create apps that mimic legitimate banking, cryptocurrency, or payment apps. The fake app looks nearly identical to the real one — same logo, same color scheme, same interface — but it sends your login credentials directly to the scammer.
In 2025, researchers discovered a fake "Chase Mobile" app on the Play Store that had accumulated over 10,000 downloads before being removed. The app displayed a perfect replica of Chase's login screen and captured usernames, passwords, and multi-factor authentication codes.
How to identify copycat apps:
- Check the developer name — it should match the official company (e.g., "JPMorgan Chase" not "Chase Banking LLC")
- Look at the download count — major banking apps have millions of downloads
- Read recent reviews carefully, especially 1-star reviews mentioning fraud
- Access your bank's app through their official website link, not by searching the store
- Verify the app's release date — if "Chase Mobile" was "released" last month, it's fake
Fake VPN Apps
The demand for VPN apps has created a goldmine for scammers. Hundreds of fake VPN apps on both Google Play and the App Store either don't provide any actual VPN functionality, log and sell your browsing data, or inject ads and malware into your traffic. Some even install certificate authorities that allow them to intercept your encrypted connections — the exact opposite of what a VPN should do.
IsThisAScam's 6-layer detection system can analyze links and messages promoting suspicious apps, helping you avoid downloading malware disguised as legitimate software.
Malware-Loaded Apps
Some scam apps go beyond data theft and install outright malware. The "Anatsa" banking trojan, distributed through seemingly innocent apps like PDF viewers and file managers on the Play Store, infected over 200,000 devices in late 2025. Once installed, it could overlay fake login screens on top of real banking apps, capture everything you type, and initiate unauthorized bank transfers.
Warning signs that an app may contain malware:
- Requests excessive permissions (a flashlight app asking for contacts, SMS, camera access)
- Battery drains unusually fast after installation
- Your phone becomes noticeably slower
- You see ads appearing outside the app, on your home screen, or in notifications
- New apps appear that you didn't install
Fake Game and Entertainment Apps
Children are particularly vulnerable to scam apps in the game and entertainment categories. These apps promise free in-game currency for popular games, early access to unreleased titles, or "hacked" versions of paid games. They typically lead to:
- Phishing pages that capture gaming account credentials
- Subscription traps targeting parents' credit cards
- Malware that compromises the entire device
- Data harvesting targeting children's personal information
For more on protecting younger users, see our guide on Roblox scams and Fortnite scams.
How to Stay Safe
- Only download apps from official stores (Google Play, Apple App Store)
- Check the developer name, download count, and release date before installing
- Read reviews critically — look for patterns in negative reviews mentioning charges or permissions
- Review app permissions and deny anything that seems excessive
- Regularly audit your subscriptions (Settings > Subscriptions on both iOS and Android)
- Keep your phone's operating system updated for the latest security patches
- Install a reputable mobile security app from a known cybersecurity company
- For banking apps, always follow links from your bank's official website
If you've installed a suspicious app, uninstall it immediately, change passwords for any accounts you accessed while it was installed, check your bank statements for unauthorized charges, and run a security scan on your device.
Received something suspicious? Check it now for free →