How to Check if an App is Safe to Download

By IsThisAScam Research TeamPublished March 20, 20261 min read

Google removed over 2.3 million apps from the Play Store in 2025 for policy violations. Apple rejected 1.7 million submissions. Yet malicious apps still slip through — in January 2026, researchers identified 13 Play Store apps containing banking trojans downloaded over 300,000 times combined.

Received a link to download an app? Paste it into IsThisAScam.to to check the URL and developer reputation.

Rule 1: Only Download From Official Stores

Google Play Store or Apple App Store exclusively. Third-party stores and direct APK downloads bypass all security review.

Think it might be a scam?

Paste it here for a free, instant verdict.

No signup · 6 detection layers · Results in seconds · Cmd+Enter

Rule 2: Check the Developer

Tap the developer name. Look for: multiple well-reviewed apps, a legitimate website, proper contact info, and a name matching the app brand. "Chase Mobile Banking" not published by "JPMorgan Chase" is fake.

Rule 3: Read the Permissions

A flashlight app should not need contacts, microphone, or SMS access. Banking trojans request SMS to intercept 2FA codes. Almost no consumer app should request device admin privileges.

Rule 4: Analyze the Reviews

Sort by "Most Recent." Generic 5-star reviews are easily faked. Detailed 1-star reviews mentioning charges, battery drain, or strange behavior are serious warnings. All-5-star with generic praise = likely review-farmed.

Rule 5: Check Download Count and Age

47 downloads is riskier than 4.7 million. An app available for years with consistent updates is more trustworthy than one published last week.

Rule 6: Run a Security Scan

Android: Google Play Protect — open Play Store > Profile > Play Protect
Third-party: Malwarebytes, Lookout, Bitdefender mobile

Types of Malicious Apps

Fleeceware: Exorbitant subscriptions after "free trials" ($260/year for a QR scanner)
Adware: Aggressive ads including full-screen ads outside the app
Banking Trojans: Overlay fake login screens on real banking apps
Spyware: Record location, calls, messages, keystrokes

IsThisAScam's 6-layer detection evaluates app-related links and download pages. See best anti-scam apps for iPhone and Android.

Received something suspicious? Check it now for free →

app safetymobile securitymalwarehow-to

CHROME EXTENSION

Stop scams before you click

Scans emails in Gmail automatically. Right-click any link to check it. Warnings appear before you reach dangerous sites.

Add to Chrome — Free →

One-click install · No account needed · Works with Gmail

PRO

Need more than 5 scans a day?

Pro gives you 200 scans/month, detailed AI analysis, 30-day history, and priority processing for $2.99/mo.

See pricing →

Check any suspicious message

Six detection layers. Instant verdict. Free.

No signup · 6 detection layers · Results in seconds · Cmd+Enter

How to Check if an App is Safe to Download

By IsThisAScam Research TeamPublished March 20, 20261 min read

Received a link to download an app? Paste it into IsThisAScam.to to check the URL and developer reputation.

Rule 1: Only Download From Official Stores

Google Play Store or Apple App Store exclusively. Third-party stores and direct APK downloads bypass all security review.

Think it might be a scam?

Paste it here for a free, instant verdict.

No signup · 6 detection layers · Results in seconds · Cmd+Enter

Rule 2: Check the Developer

Rule 3: Read the Permissions

A flashlight app should not need contacts, microphone, or SMS access. Banking trojans request SMS to intercept 2FA codes. Almost no consumer app should request device admin privileges.

Rule 4: Analyze the Reviews

Rule 5: Check Download Count and Age

47 downloads is riskier than 4.7 million. An app available for years with consistent updates is more trustworthy than one published last week.

Rule 6: Run a Security Scan

Android: Google Play Protect — open Play Store > Profile > Play Protect
Third-party: Malwarebytes, Lookout, Bitdefender mobile

Types of Malicious Apps

Fleeceware: Exorbitant subscriptions after "free trials" ($260/year for a QR scanner)
Adware: Aggressive ads including full-screen ads outside the app
Banking Trojans: Overlay fake login screens on real banking apps
Spyware: Record location, calls, messages, keystrokes

IsThisAScam's 6-layer detection evaluates app-related links and download pages. See best anti-scam apps for iPhone and Android.

Received something suspicious? Check it now for free →

app safetymobile securitymalwarehow-to

CHROME EXTENSION

Stop scams before you click

Scans emails in Gmail automatically. Right-click any link to check it. Warnings appear before you reach dangerous sites.

Add to Chrome — Free →

One-click install · No account needed · Works with Gmail

PRO

Need more than 5 scans a day?

Pro gives you 200 scans/month, detailed AI analysis, 30-day history, and priority processing for $2.99/mo.

See pricing →

Check any suspicious message

Six detection layers. Instant verdict. Free.

No signup · 6 detection layers · Results in seconds · Cmd+Enter

How to Check if an App is Safe to Download

Rule 1: Only Download From Official Stores

Rule 2: Check the Developer

Rule 3: Read the Permissions

Rule 4: Analyze the Reviews

Rule 5: Check Download Count and Age

Rule 6: Run a Security Scan

Types of Malicious Apps

What is Ransomware? Prevention and Recovery

How to Secure Your Phone Against Scams and Malware

VirusTotal for Emails: How to Check Messages

How to Check if an App is Safe to Download

Rule 1: Only Download From Official Stores

Rule 2: Check the Developer

Rule 3: Read the Permissions

Rule 4: Analyze the Reviews

Rule 5: Check Download Count and Age

Rule 6: Run a Security Scan

Types of Malicious Apps

What is Ransomware? Prevention and Recovery

How to Secure Your Phone Against Scams and Malware

VirusTotal for Emails: How to Check Messages