Skip to content

NCSC calls on tech firms to tackle rogue apps, but has the ‘horse already bolted’?

rogue apps

The UK’s National Cyber Security Centre (NCSC) has called on the tech industry to help protect consumers from rogue apps.

A report from the NCSC showed that millions of pounds are being lost by consumers due to rogue apps set up by scammers to harvest data and spread malware.

The NCSC also highlighted risks associated with poorly designed apps that are not intended for cybercrime but are highly vulnerable to hackers.

As a result, the government has requested support from the tech industry in a call for views on enhanced security and privacy requirements for apps and app stores.

One proposal to reduce the damage done by fraudulent and poorly designed apps is to request app stores and developers to agree to a new code of practice that would establish baseline security requirements.

“It’s good to see NCSC calling for views on ‘rogue apps’ and cracking down on app stores as these threats are endemic, but it could be too little too late,” said Armen Najarian, chief identity officer at anti-fraud specialist firm Outseer.

“Rogue apps make up 39% of all fraud globally, and attacks rose by 50% over Q3 2021. These convincing fakes have the ability to infect hundreds of thousands of consumers, costing them billions of pounds per year, and companies their reputations. The horse has already bolted.”

Najarian added: “Hopefully this call for views will result in new laws being passed, but it’s likely to be a slow process. Until that happens the best defence for consumers is education.

“There are tell-tale signs of rogue apps, such as poor spelling and grammar or very few user reviews on app stores. For companies, they must deploy brand monitoring, giving them 24/7 scanning capabilities across app stores, social media and URLs, coupled with rapid take down services that can stop rogue apps in their tracks.”

It comes as the NCSC and innovation firm Plexal have revealed five startups to receive support for finding ways to tackle ransomware. The startups are: Cyntegra, Goldilock, Vault Sentinel and SOS Intelligence.