Quick Heal Technologies has released new findings on the rapid spread of fake app fraud across India, highlighting how cybercriminals are increasingly targeting mobile users with advanced deception techniques. According to Seqrite Labs, the company’s malware analysis division, attackers now disguise malicious APK files as legitimate apps to steal data, drain bank accounts and compromise devices.
These apps are commonly shared through phishing links on WhatsApp, SMS and social platforms, and are often designed to mimic banks, delivery services, or government schemes. Many contain embedded spyware, adware or billing exploits that allow attackers to harvest sensitive information and execute financial fraud.
Attackers Now Use AI, Deepfakes and Social Engineering
Seqrite Labs researchers report that fraudsters are deploying a wider set of tactics than before. These include AI-generated five-star reviews to create false legitimacy, deepfake voices to manipulate victims and cloned images of government symbols to deflect suspicion. Quick Heal’s investigation found more than 250 fake dating and social apps circulating in Asia that were specifically designed to extract personal files and authentication data.
Cases of large-scale fraud continue to rise. Apple blocked USD 1.8 billion worth of fraudulent transactions in 2023, while Indian authorities have dismantled scams that used counterfeit crypto-mining apps to steal hundreds of crores from investors. The current wave of attacks relies on social manipulation combined with hidden malicious code, increasing the likelihood of identity theft and ransomware.
High Vulnerability Across All User Groups
Quick Heal notes that the victims span elderly users, young professionals and enterprises that rely on mobile apps for routine operations. A growing number of blended attacks use psychological triggers, misleading branding and obfuscated code to slip past basic security checks. The firm warns that even familiar apps can be weaponised if downloaded from unofficial links or third-party sites.
Businesses are also exposed. Compromised devices can allow attackers to access enterprise communication channels, customer data and internal credentials, making mobile security a board-level concern.
Recommended Safety Measures
Quick Heal advises users to limit downloads to official app stores and thoroughly inspect developer names, reviews and download counts for inconsistencies. Suspicious links, QR codes and unsolicited APK files should be avoided entirely. Users should keep software updated to receive the latest security patches and enable features like Google Play Protect.
If an infection is suspected, Quick Heal recommends immediately switching the device to airplane mode, removing permissions, uninstalling the malicious software and performing a full reset if necessary.
Emerging Defences Through AntiFraud.AI
Quick Heal’s new AntiFraud.AI feature provides real-time detection and blocking of fraudulent apps, phishing websites, UPI scams and fake banking calls. The technology is trained on years of malware analysis, including credential-stealing apps, wormable social-media malware and adware campaigns with millions of downloads.
Quick Heal continues to develop localised, cloud-based and ML-driven defences designed to reduce system resource usage while preventing emerging mobile threats in real time.
