You might have read our recent series on crypto scams - for example part 3 on fake apps.
Today our security team prepared a tutorial on how to spot fake websites and apps. Read on to learn more.
Stay safe in app stores
When downloading an app like imToken, you might go to the Google Play Store or Apple App Store. When visiting one of those two app store, simple tips can help you to stay safe:
- Search for the app name and be careful if you find multiple apps, because usually only one is real and fake apps try to look similar to real ones
- An app with many reviews and downloads is less likely to be fake, because fake apps will be taken offline before getting many downloads
If you don’t download from the two big app stores, be careful, because smaller app stores are - generally speaking - less safe. Why? Because in our security team’s experience, they are less strict in taking down fake apps.
If you don’t download from app stores at all, you might use an official website - such as imToken’s https://token.im/ . In this case, here are our recommendations:
Three steps to tell if a website is real and safe
- Make sure that the domain name you entered in the browser is: https://token.im/
Note: Be sure to use HTTPS instead of HTTP.
- Make sure there is a security icon such as 🔒 or 🛡 in front of the domain name.
- Click the security icon, the website is real and safe if the pop-up shows “Connection is secure”. Otherwise, the website is fake and you can contact us via firstname.lastname@example.org. We’ll get you the help you need.
Before downloading imToken, please make sure you have completed the three steps.