Main

  • Fake apps are programs that mimic the functionality of familiar apps.

  • Fraudsters place malware in third-party or official app stores under the guise of fake apps.

  • The Binance App can only be downloaded through official channels such as our website, Google Play Store or Apple App Store.

Counterfeit apps—programs that mimic the functionality of familiar apps—are among the biggest cyber threats today.

Fake apps look just like the real thing, from the logo to the description. At first glance, they may have the same interface, functions and capabilities. In some cases, they even use repackaged source code of the official application.

But if you take a closer look, you may find malware that monitors your phone's activities and tries to steal information or assets. Fraudsters distribute fake apps in a variety of ways, including through third-party, unofficial and official app stores, as well as through emails and SMS messages.

Let's first take a closer look at two methods scammers use to disguise fake apps: impersonation and repackaging.

Example 1. Imitation

A spoof, as the name suggests, is an attempt to trick users by using a copy of an official program with the same name, logo, and features. Below is an example application that mimics the official BNB Chain application.

Disclaimer: This image shows a scam app and is in no way affiliated with Binance.

Example 2: Repackaging

The second method, repackaging, is much more difficult to detect at first glance. Repackaged apps use the same metadata as their official counterparts, including name and icon, by modifying and repackaging the source code. The example below shows a repackaged app that mimics the official Binance app. As you can see, it has exactly the same logo.

Disclaimer: This image shows a scam app and is in no way affiliated with Binance.

Different types of fake apps and their dangers

  1. Advertising bots. Fake apps can contain a huge amount of advertising, which can even appear in the phone's calendar and other places where it is not wanted.

  2. Payment fraud. Fraudsters may use fake apps to automatically charge your phone account without your consent.

  3. Botnet. Cybercriminals could use your phone to launch DDoS (distributed denial of service) attacks, mine cryptocurrency, or spam other potential victims.

  4. Hostile content. Fake apps may contain inappropriate content, such as hate speech, pornography, or violence.

  5. Malicious downloaders. Even if a fake app does not contain malicious code, it may cause other malicious or unwanted programs to be downloaded to your device.

  6. Phishing. Attackers can steal your credentials using an interface that mimics the login menu of a genuine application.

  7. Increasing the level of rights. These fake apps request advanced permissions, which ultimately allows the attacker to disable basic security features on the device.

  8. Ransomware. The goal of these fake apps is to infect the device with ransomware, which blocks the user's access to their own data by encrypting it so that it is unreadable.

  9. Obtaining superuser rights. Root applications may contain code that disables the device's built-in security mechanisms and performs malicious actions on the device.

  10. Spam. As the name suggests, spam apps send unwanted messages to your contacts or use your device to send bulk email spam.

  11. Spyware. Spy apps share personal data with third parties without your consent. They can collect and transmit, for example, text messages, call logs, contact lists, emails, photos, browser history, GPS location, crypto wallet addresses, and recovery phrases from other applications on the device.

  12. Trojans. Once installed, Trojans may seem harmless, but in reality they secretly perform malicious actions, such as collecting personal data or sending SMS messages from the device to premium numbers without the user's knowledge.

Fake apps in the cryptocurrency world often spoof the addresses displayed in their interface on the deposit and withdrawal pages. When a user initiates a money transfer, their assets end up in the scammer's account. This is one of the most common ways that fake apps deprive users of their cryptocurrency assets.

The general recommendation is: before making large transactions, deposit or withdraw a small trial amount.

How to spot a fake app and avoid being scammed

Before you click the download button, check the app for the following warning signs

  1. Distorted icon. Creators of fake applications try to make them as similar as possible to genuine analogues from official application stores. They may try to trick you with a distorted version of the real icon.

  2. Requesting unnecessary rights. Before downloading an application, read the privacy policy of its developer. Once installed, fake apps often ask for unnecessary permissions.

  3. Questionable reviews. A large number of negative or unusually positive reviews about an application should raise suspicion.

  4. Grammatical errors. The official developers are trying to get rid of all typos and errors in the descriptions. Too many grammatical errors in your app description is a red flag.

  5. Low number of downloads. It is unlikely that a popular genuine app will have very few downloads. For example, the Binance app has been downloaded over 50 million times from the Google Play app store alone.

  6. False information about developers. Check the details of the app developers. Is it a real company, email address or website? If so, try searching online to see if this information matches the developer's official data.

  7. Recent release date. When was this app released? If an app was recently released but still has a lot of downloads and reviews, it's most likely fake. Genuine apps with a large number of reviews and downloads have usually been on the market for at least several years.

Please follow these rules before downloading any application. Read the developer's description, reviews and privacy policy, and most importantly, do not click on suspicious links. Even in official app stores, fake programs appear from time to time.

If you receive an unexpected SMS, a strange notification, or an unusual request from someone claiming to be a Binance employee, be careful.

If you download a fraudulent app or click on a suspicious link, your phone, assets or personal data could be in the possession of criminals before you even know it.

If you suspect you have downloaded a fake app, immediately uninstall it, reboot your phone, and report it to the appropriate app store. Two-factor authentication (2FA) helps protect funds even if someone manages to obtain user credentials, although it does not provide complete security.

Download the Binance app from official sources

  1. Binance website

  2. Google Play

  3. Apple App Store

Please note that it is your responsibility to conduct your own verification and general security measures regarding the authenticity of any application that appears to be the Binance App before downloading and installing it. Binance is not responsible for any losses you may incur as a result of using fake or fraudulent applications.

Additional Information

  • (Blog) Anti-phishing codes and how to protect yourself

  • (Academy) 7 Simple Steps to Protect your Binance Account

  • Frequently Asked Questions: How to protect your Binance account from scammers

Risk Warning and Disclaimer: The following materials are provided “as is” without warranty of any kind for general reference and educational purposes only. This information should not be considered financial advice or a recommendation to purchase any specific product or service. The value of digital assets may be volatile, increasing the risk of loss of investment. You are solely responsible for your investment decisions. Binance is not responsible for your possible losses. This information does not constitute financial advice. Please see our Terms of Use and Risk Disclosure for details.