UPDATE: Apple has removed the iOS apps in question here from the App Store.
Watch out, TikTok kids! Some of the most popular accounts on your favorite short-form-video app may be promoting scammy Android and iOS apps designed to show you ads or rip you off.
This was discovered by a 12-year-old girl in the Czech Republic who promptly reported her findings to security firm Avast. Avast has the details in a blog post today (Sept. 22).
- TikTok VPN: How a VPN could evade a TikTok ban
- The best Android antivirus apps to keep your phone clean
- New: iPhone 12 leak just revealed a big last-minute surprise
"Altogether, the apps have been downloaded more than 2,400,000 times and have earned the people or persons behind the scam more than $500,000," Avast said in a press release.
All seven apps of the scammy apps were still available in the Google Play Store and Apple App Store at the time of this writing.
The apps claim to provide wallpapers, download music or be a phone-vibration game called "Shock your friends." But they will load ads outside of the apps or charge you between $2 and $10 for normally free items such as wallpapers.
"The apps we discovered are scams and violate both Google's and Apple's app policies by either making misleading claims around app functionalities, or serving ads outside of the app and hiding the original app icon soon after the app is installed," said Avast threat analyst Jakub Vavra.
"It is particularly concerning that the apps are being promoted on social media platforms popular among younger kids, who may not recognize some of the red flags surrounding the apps and therefore may fall for them."
Avast found at least three TikTok accounts that were aggressively promoting the apps, with the usernames 7odestar, Dejavuuu.es3 and Marina90lazina. The first had more than 300,000 followers.
It also found one Instagram account with the username Shockmyfriends.app promoting the apps. All four were still active as of Wednesday morning in New York.
Avast said it had reported the apps and accounts to Apple, Google, Instagram and TikTok.
Scam apps exposed
There are three Android apps and four iOS ones listed by Avast. All were still available for download when this story was written Tuesday morning (Sept. 22) Eastern time.
Update: By Tuesday evening, the iOS ones had been removed.
- ThemeZone - Shawky App Free - Shock My Friends
- Tap Roulette ++Shock my Friend
- Ulimate Music Downloader - Free Download Music
- Shock My Friends - Satuna
- shock my friend tap roulette v
- 666 Time
- ThemeZone - Live Wallpapers
How to protect yourself from TikTok scams
To protect yourself from scammy apps, be very wary of anything that's promoted via social-media platforms or via text or instant messages.
Also, read the reviews in the app stores before you download anything -- if something has exceptionally low ratings, as a few of these do, that's often a tip-off.
If you're on an Android phone, you should also install and run some of the best Android antivirus apps. That won't catch all scamware, but it will protect you from the most dangerous stuff. (Unfortunately, there are no antivirus apps for iOS.)
"We thank the young girl who reported the TikTok profile to us," said Avast's Jakub Vavra. "Her awareness and responsible action is the kind of commitment we should all show to make the cyberworld a safer place."
