Are there really fake apps in the App Store?

Yes. Apple and Google work to catch them, but fakes slip through every week. Common targets include banking apps, crypto wallets, password managers, and popular games. Apple's review is stricter than Google's, but neither is perfect. The Play Store has more fakes; the App Store has fewer but they exist.

What is the most common type of fake app?

Fake banking and crypto wallet apps are the most dangerous: they collect your real credentials and drain your accounts. Fake versions of free games and utilities are more common but usually just push ads or charge sneaky subscriptions. Both are bad, but fake banking apps are the ones to be paranoid about.

What do I do if I installed a fake app?

Delete the app immediately. If you entered a password or bank info, change those passwords from a different device and call your bank. Run a malware scan if on Android. Review accounts the fake app could have accessed for suspicious activity. Report the app to Apple or Google so they can remove it for everyone else.

How to spot fake apps

By Isaac Farris·Updated May 25, 2026·5 minute read

Apple and Google both let some fakes slip through their app stores. Not many, but enough to cause real damage if you install the wrong banking app or password manager. The good news is that fake apps have a small set of tells. Once you know what to look for, spotting one is fast.

Check these 5 things before any new install

Developer name. Tap the developer link on the app's page. Is it the real company?
Download count. Real banks and big apps have millions of downloads, not 500.
Review count and dates. Lots of recent 5-star reviews in one week is suspicious.
Spelling and screenshots. Typos and ugly screenshots are huge red flags.
Cross check with the company's website. Real companies link to their app from their site.

Red flag 1: The developer name is off

Every app in the App Store and Play Store has a developer name. Tap it. The real developer name for big apps matches the company exactly (or "Inc.," "Corp.," etc.).

Bank of America's app is by "Bank of America." Not "BoA Apps," not "BOA Mobile Group."
Chase is by "JPMorgan Chase & Co."
Wells Fargo is by "Wells Fargo Mobile."
Real PayPal is by "PayPal, Inc."

If the name is slightly different ("Wells Fargo Bankk," "Pay Pal Mobile"), it is fake. Always.

Red flag 2: Download count is too low for a famous app

If a real bank or major app has only thousands of downloads, something is wrong. Real banking apps have tens or hundreds of millions of downloads.

App	Roughly how many downloads (Play Store)
Bank of America	50 million+
Chase	50 million+
Wells Fargo	10 million+
Venmo	10 million+
PayPal	500 million+
Cash App	100 million+

If you see 5,000 downloads for a "Chase Mobile Banking" app, it is fake.

Red flag 3: Review patterns look weird

Real apps have a mix of star ratings, complaints, and praise written over years. Fake apps have:

All 5-star reviews
All written in the past week or two
Same kind of generic phrases ("Great app!" "Easy to use!" "Highly recommend!")
Few or no negative reviews
Reviews mention the app does totally different things than the description

Red flag 4: Typos, ugly screenshots, generic icons

Big companies have full design teams. Their app pages are polished. Fakes do not.

Spelling mistakes in the title, description, or screenshots
Low resolution or distorted screenshots
Generic stock photo icon instead of a real logo
Description text that looks like it was machine-translated
Wrong colors or off-brand logos

Red flag 5: Asks for the wrong permissions

A calculator app should not need your contacts. A flashlight app should not need your location 24/7. When installing:

iPhone: permissions are requested one at a time when the app needs them. Read each prompt.
Android: tap "App permissions" on the Play Store page before installing. Look at what it asks for.

If permissions do not match what the app supposedly does, do not install.

Red flag 6: Too new for what it claims to be

Tap "About this app" or the version history. If a "Bank of America" app was published 2 months ago, it is fake. Real apps from big companies have been on the store for many years.

How to install banking apps safely

Always start from the bank's website, not the App Store search.

Type the bank's web address directly into a browser (do not click email links).
Find their "Mobile" or "App" page.
Tap the App Store / Play Store link there.
That link goes to the real app.

Same for crypto exchanges, password managers, and any financial tool. Going via the company's own website removes any chance of a search-result fake.

Specific categories where fakes are common

Banking and credit cards: always go via the bank's website.
Crypto wallets: MetaMask, Trust Wallet, Coinbase, Ledger all have fakes. Triple-check before entering a seed phrase.
Password managers: only install Bitwarden, 1Password, Apple Passwords, Google Passwords, or LastPass from their real developer pages.
Antivirus / security: a lot of fake "antivirus" apps are themselves scams. See our free antivirus guide.
WhatsApp, Signal, Telegram: fakes occasionally appear.
Popular games right after a hit launch: "Pokemon Go" clones, "Among Us" clones, etc.
Photo editors and AI apps: the most common fake category in 2026; many push subscriptions you cannot cancel from inside the app.

If you already installed a fake app

Delete it immediately. iPhone: long-press the icon, choose Remove App. Android: long-press, Uninstall.
Change any passwords you entered into it. Do it from a different device if you can.
Call your bank or service provider if it was a banking app. Tell them you may have been phished.
Check accounts for unauthorized activity. Recent logins, transactions, devices.
Turn on 2FA on any accounts the fake app could have accessed. See our 2FA guide.
Android: run Play Protect (Play Store > profile icon > Play Protect > Scan).
Report the fake app:
- App Store: scroll to bottom of app page, tap "Report a Problem."
- Play Store: scroll to bottom of app page, tap "Flag as inappropriate."

Things that look fake but are not

Some real apps look sketchy:

Newer small bank apps may have only thousands of users. Verify by going via the bank's website.
Indie apps with few reviews are often legit, just small. Look at the developer's other apps and website.
Apps from outside the US may have rougher English. Look at developer, downloads, and screenshots.

If you are unsure, type the developer name into Google. Real companies have websites, support contacts, and a paper trail.

Sideloading apps (Android only): extra danger

Installing apps from outside the Play Store (called "sideloading," using APK files) bypasses Google's checks entirely. Only do this if you know what you are doing and you trust the source. Apps from forums, ad-driven download sites, and "free premium" pages are almost always laced with something.

Want to be extra safe?

Set up Screen Time (iPhone) or Family Link (Android) for older relatives. They block installs without your approval.
On iPhone, turn off "Installing Apps" in Screen Time for the device you give to a parent or kid.
Review installed apps every few months. Delete what you do not use.

Worried you installed a fake?

If you think you handed credentials to a fake app, do not panic, but act fast. Isaac can walk through what to change and check, especially for banking and crypto accounts.

Get in touch Email Isaac

☕

Helped you out?

Tips keep these guides free.

Buy me a coffee