Spotting a fake app is usually pretty easy, but that hasn’t stopped hackers and scammers from trying to trick us. The latest example is a pair of fake Telegram apps that look and work just like the real thing, but bombard you with ads to make extra money.
The phony versions of Telegram, a popular messaging app with a focus on security, were recently spotted by cybersecurity firm Symantec. They both look like nearly perfect copies of the real thing, though their Google Play Store pages did have a few red flags.
In this case, the app’s name is misspelled as “Teligram.” The company behind it is listed as “Warriordevelopers inc.” (another red flag), and it only has a few thousand reviews — compared to the millions of reviews for the real app. The scammer also added “[NEW VERSION UPDATED]” to presumably explain these differences, but that also comes off as sketchy and unprofessional.
However, if you weren’t paying attention and accidentally downloaded Teligram instead of Telegram, the actual app really is nearly identical. That’s because the real service uses open-source software, meaning anyone can modify it to make improvements or just copy it entirely.
From this setup page, the only difference between real (left) and fake (right) is the word “Teligram” and the colour of the in-app button. Otherwise, they’re identical.
Under the surface, however, these fake apps add extra malicious software. In this case, the only purpose seems to be showing you extra adds to make money. However, they could also be potentially used to gain backdoor access to your smartphone.
Symantec doesn’t link to either of the fake apps it found, and they have likely already been removed by Google. But considering Telegram’s open source design it’s likely we’ll see more copycats pop-up in the future, so it’s something to watch for.