Key takeaways

  • Fake apps are programs designed to imitate popular legitimate apps.

  • Scammers try to hide malware in a fake app offered in official or third-party app stores.

  • Users only need to download the Binance app from official channels, such as our website, Google Play Store or Apple App Store.

Fake apps are programs designed to imitate popular legitimate apps, and are among the most serious security threats of our time.

Fake apps perfectly reproduce the real app, from the logo to the description. At first glance, they seem to have the same interface, the same services and the same functionalities, and some of them even recover the source code of the official application.

If you look a little closer, however, you will find that you may have spyware installed on your phone that is monitoring your activity or trying to steal your information and assets. Scammers use different methods to distribute fake apps, including third-party or counterfeit app stores, official app stores, and sometimes social engineering tactics via emails or SMS.

First, let's look at two methods scammers use to disguise their fake apps: imitation and reuse.

Example #1: Imitation

As the name suggests, imitation aims to deceive users by pretending to copy the official source with similar names, logos and features. Below is an example of an application imitating an official BNB Chain application:

Warning: This image depicts a scam application, which is in no way associated with Binance.

Example #2: Reuse

The second method, reuse, is much more difficult to identify at first glance. Applications of this type recover the metadata of their official version, including the name and icon, by modifying and reusing the source code. Below is an example of a repurposed app masquerading as the official Binance app: You'll notice the logo is identical.

Warning: This image depicts a scam application, which is in no way associated with Binance.

The different types of fake apps and their dangers

  1. Adbots: Fake apps sometimes contain a huge number of unwanted ads, which may even appear in your phone's calendar or other apps.

  2. Fraudulent billing: Scammers can use fake apps to automatically add purchases to your phone bill without your consent.

  3. Botnet: Cybercriminals can use your phone to launch a DDos (distributed denial of service) attack to mine crypto or spam other potential targets.

  4. Harmful content: Fake apps may include inappropriate content, such as hate speech, pornography or violence.

  5. Harmful downloaders: Fake apps that do not contain dangerous code can trick their victims into downloading other malware and unwanted software onto their devices.

  6. Phishing: Criminals can steal your login information by using an interface that mimics a legitimate app's login menu.

  7. Privilege escalation: This type of fake apps will request higher-level privileges, which will allow criminals to disable key security features of your device.

  8. Ransomware: Designed to infect your device with ransomware, fake apps of this type cut off your access to your data by encrypting it and making it unreadable.

  9. Rooters: Rooter apps sometimes contain code to disable your device's built-in security features and perform harmful actions on your device.

  10. Spam: As the name suggests, a spam app sends unwanted messages to your contacts, or uses your device in mass email spamming.

  11. Spyware: Spyware sends personal data to third parties without your consent. This data may include text messages, call logs, email logs, photos, browsing histories, GPS locations, crypto addresses, and recovery phrases from other security applications. your device.

  12. Trojans: Once installed, a Trojan may appear harmless, but in the background it secretly carries out malicious actions without your knowledge, for example collecting personal data or sending premium SMS messages from your device.

In the crypto world, fake applications often replace the addresses displayed on the deposit and withdrawal pages of their interface. When the user makes a transfer, their assets end up in the scammer's account. This is how most fake applications operate to steal users’ cryptos.

As a general rule, we advise you to start by depositing or withdrawing a small amount on a trial basis before making larger transactions.

How to identify and avoid fake apps?

If you notice any of the following signs, do not click “download”!

  1. Distorted icon: Fake apps will attempt to reproduce those from the official app store as closely as possible. Don't be fooled by an altered version of the real icon.

  2. Unnecessary permissions: Read the developer's privacy policy before downloading the app, because once installed, fake apps will often ask you to grant them unnecessary permissions.

  3. Questionable reviews: Be wary of apps with an excessive number of negative or positive reviews.

  4. Incorrect grammar: Reputable developers will take the time to eliminate typos and spelling errors in their app description. Too many grammatical errors in an app description should give you pause.

  5. Few downloads: Legitimate and widely used apps tend to have high download counts. For example, Binance’s app has been downloaded over 50 million times on the Google Play Store alone.

  6. Wrong developer information: Check the app developer information provided. Do they include a business name, email address, or actual website? If this is the case, check on the Internet that this information corresponds to the official organization.

  7. Recent Release Date: When was the app released? If the app has already been downloaded and reviewed many times even though the release date is recent, it is most likely fake. Legitimate apps with high numbers of reviews and downloads have mostly been around for a long time.

Follow these guidelines before downloading any app: read its description, reviews, developer's privacy policy, and most importantly, don't click on any suspicious links. Sometimes fake apps end up on official app stores.

If you receive an unexpected text message, strange notification, or unusual request from someone claiming to be “employed at Binance,” be wary.

If you download a fraudulent app or click on a suspicious link, your phone, assets and personal information could be compromised without you realizing it.

If you think you have downloaded a fake app, uninstall it immediately, restart your phone and report it to the app store where you downloaded it. While not a completely impenetrable security measure, 2-factor authentication (2FA) can make a world of difference in protecting your funds, even if a hacker manages to steal your login information .

Download the Binance app from our official channels

  1. Binance Official Website

  2. Google Play

  3. App Store d’Apple

Note: You are solely responsible for performing due diligence and following general security measures regarding the legitimacy of apps appearing to be Binance apps before downloading and installing it. Binance is not responsible for any loss that may arise from the use of illegitimate or fake applications.

For more information

  • (Blog) Today's blog: anti-phishing codes and how to protect yourself?

  • (Academy) Secure Your Binance Account in 7 Simple Steps

  • (FAQ) How to protect your Binance account from scams?

Disclaimer and Risk Warning: This content is presented to you “as is” for general information and educational purposes only, without representation or warranty of any kind. It should not be construed as financial advice, nor as a recommendation to purchase a specific product or service. Prices of digital assets can be volatile. The value of your investment may go down as well as up and you may not get back the amount you invested. You are solely responsible for your investment decisions and Binance is not responsible for any losses you may incur. This does not constitute financial advice. Please see our Terms of Use and Risk Disclaimer for more information.