Posts Tagged ‘information technology security’

Google Play Store Warning

Monday, 5 August 2013

Before installing an app from the Google Play Store, if you do not otherwise have familiarity with the app's developer, look at the time-stamp listed for the latest version. If this version is only a day-or-so old, then look at the time-stamps for the app reviews. If all of these are only from the previous day-or-so, then wait a couple of days before installing the app.

I discovered that scam-ware is being posted to the Play Store, sometimes with thousands of shill down-loads and shill reviews, to give to it the appearance of legitimacy. Google acts to remove this scam-ware, but it takes them some time to catch up to it.

The Play Store review system is unfortunately very easily manipulated, and some developers are doing just that even for apps that are not themselves intended as scam-ware. Hundreds or thousands of shill reviews are posted over time. (These reviews are typically short, and sometimes absurd, as when a utility is said to be a great game.) Negative reviews are marked as Unhelpful by shills, and positive previews perhaps as Helpful; which, since the Play Store normally presents reviews ordered by Helpful-ness, means that negative reviews slide out of sight.