The most outstanding

  • Fake apps are programs designed to imitate legitimate apps that we all know.

  • Scammers will try to hide malicious software in a fake app available on official or third-party app stores.

  • Therefore, we recommend that users only download the Binance application from official channels, such as our website, Google Play or the Apple Store.

Fake applications, that is, programs designed to imitate legitimate applications that we all know, constitute one of the biggest cybersecurity threats of our time.

Fake apps look like the real thing, from the logo to the description. At first glance, they may have the same interface, services and functionalities. Some have even repackaged the official app source code.

However, if you look a little closer, you may discover that there is malicious software spying on your phone activity or trying to steal your information and assets. Scammers will spread fake apps using various methods such as counterfeit or third-party app stores, official app stores, and social engineering through emails or SMS messages.

Let's first look at two methods that scammers often use to camouflage fake apps: imitation and repackaging.

Example 1: imitation

The imitation, as its name suggests, tries to trick users by pretending to copy the official source with similar names, logos and functions. Here is an example of an app trying to impersonate an official BNB Chain app.

Disclaimer: The content of this image represents a scam application that is in no way associated with Binance.

Example 2: Repackaging

The second method, repackaging, is much more difficult to identify at first glance. Repackaged apps use the same metadata as the official version, including the name and icon, by modifying and repackaging the source code. In the example below you can see a repackaged app posing as the official Binance app. You will see that it has exactly the same logo.

Disclaimer: The content of this image represents a scam application that is in no way associated with Binance.

The different types of fake applications and their dangers

  1. Ad bots. Sometimes, fake apps contain an obnoxious amount of unwanted ads that may even start appearing on your calendar or other parts of your phone.

  2. Invoice fraud. Scammers can use fake apps to automatically charge purchases to your phone bill without your consent.

  3. Botnet. Cybercriminals can use your phone as part of a DDoS (distributed denial of service) attack to mine cryptocurrency or send spam to other potential victims.

  4. Hostile content. Fake apps may include inappropriate content, such as hate speech, pornography, or violence, to name just a few.

  5. Hostile downloads. Although they may not contain malicious code, fake apps can lead victims to download other malicious or unwanted software onto their devices.

  6. Phishing. Criminals can steal your login information using an interface designed to mimic the login menu of a legitimate application.

  7. Increased privileges. This type of fake app will request elevated privileges, allowing cybercriminals to disable basic security features on your device.

  8. Ransomware. Designed to infect your device with ransomware, this type of fake application will prevent you from accessing your data, encrypting it and making it unreadable.

  9. Rooting. Rooting apps may contain code that disables your device's built-in security and performs harmful actions against your device.

  10. Spam. As the name implies, spam apps will send unsolicited messages to your contacts or involve your device in a massive email spam campaign.

  11. Spyware. Spyware applications send personal data to third parties without your consent. This data may include text messages, contact lists, email logs, photos, browser history, GPS location, cryptocurrency addresses, and recovery phrases from other apps on your device.

  12. Trojan. Once installed, Trojans may seem harmless on the outside, but they actually perform malicious actions without you realizing it, such as collecting personal data or sending premium SMS messages from your device without your knowledge.

In the cryptocurrency space, fake apps often substitute the addresses displayed on the deposit and withdrawal page of their interface. Therefore, when the user initiates a transfer, their assets will end up going to the scammer's account. For users, this is one of the most common ways to lose their assets to fake apps.

As a general guideline, we recommend depositing or withdrawing a small amount first on a trial basis before initiating larger value transactions.

How to detect and protect yourself from fake applications

Before clicking download, check for the following red flags:

  1. Distorted icon. Fake applications will try to imitate as much as possible the product available in the official application store. Don't be fooled by distorted versions of the real icon.

  2. Acceptance of unnecessary permissions. Please read the developer's privacy policy before downloading the application. Once installed, fake applications often ask for unnecessary authorizations.

  3. Questionable reviews. Be suspicious of any app that has too many negative or positive reviews.

  4. Grammatical errors. Legitimate developers will spend time ensuring that their app descriptions are free of typos and grammatical errors. Be wary if you detect an excessive number of grammatical errors in the application description.

  5. Low number of downloads. Widely used legitimate apps are unlikely to have very few downloads. To give you an example, on Google Play alone the Binance application has more than 50 million downloads.

  6. Fake developer information. Check the app developer information. Does it indicate a legitimate company, email address or website? If so, do an online search to see if the information provided is related to the official organization.

  7. New release date. When was the app launched? The app is likely fake if the product shows a recent release date with many downloads and reviews. Legitimate apps with a large number of reviews and downloads have usually been on the market for at least a few years.

Follow these guidelines before downloading any app. Read the developer's description, reviews, privacy policy, and most importantly, don't click on suspicious links. Even official app stores may occasionally have fake products.

If you receive an unexpected SMS, strange notification, or unusual request from someone claiming to be a “Binance employee,” take extra caution.

If you download a fraudulent app or click on a suspicious link, your phone, assets or personal information could be compromised before you even know it.

If you suspect that you have downloaded a fake app, delete it immediately, restart your phone and file a report with the relevant app store. While not 100% secure, enabling two-factor authentication (2FA) can make a big difference in protecting your funds, even if someone successfully spoofs your login credentials.

Download the Binance app from our official channels

  1. Binance official website

  2. Google Play

  3. Apple Store

Please note that you are responsible for conducting your own due diligence and following general security measures regarding the legitimacy of any application that appears to be a Binance application before downloading and installing it. Binance is not responsible for any losses that may be caused by the use of fake or illegitimate applications.

  • (Blog) Don't fall for the network: anti-phishing codes and other ways to protect yourself from these threats

  • (Academy) Protect your Binance account in seven easy steps

  • (FAQ) How to protect your Binance account from a scam

Risk warning: Investment in crypto assets is not regulated, may not be suitable for retail investors and the entire amount invested may be lost. It is important to read and understand the risks of this investment which are explained in detail in this location.