Glowing endorsements and stolen celebrity identities that are used to boost sales can be bought for as little as £1 each
CONSUMERS are being duped into downloading apps by fake reviewers using the stolen identities of celebrities, elite athletes and even a United States congressman, an investigation by The Sunday Times has found.
Posing as an app developer, an undercover reporter released a shoddy and ineffective lie-detector app called Spot the Faker! for iPhone and Android handsets, then boosted it with dozens of fake five-star reviews bought from social marketing companies.
After just two weeks the Android app had accumulated 47 five-star ratings on the Google Play store. The iPhone app had 12 five-star ratings on the rival iStore. The glowing endorsements had been bought for a total of £120 from three companies that openly advertised app review selling services and were prominently listed on Google’s own search engine.
One of the companies boasted that it could provide orders of up to 500 reviews at a time, while another revealed that it got around Apple and Google’s controls by slowly drip-feeding the fake reviews into their stores.
Most of the reviews provided by these companies were posted from fake “sockpuppet” accounts created using photographs stolen from real people — including a 21-year-old woman from Hadfield, Derbyshire; America’s longest serving congressman; an Oscar-nominated actress; an Olympic swimming champion and a German pop star.
Spot the Faker! was not the only app to receive reviews from this network of sockpuppet accounts. Reporters identified more than 100 other Android and iPhone apps that had benefited from fake reviewers.
In some cases the sheer number of fake five-star reviews obscured the one-star reviews from customers who had posted warnings that an app was a “scam” or had compromised their data.
Other apps bolstered by fake reviews were aimed at teenagers, children and even toddlers. Users were bombarded with internet advertising.
This weekend Apple and Google said they had systems in place for detecting fake reviews and would remove anyone found responsible for them from their sites. Experts, however, called for a renewed effort by the technology giants to tackle the fake-review “factories” located around the world.
Professor Alan Woodward, a cyber-security expert from the University of Surrey, said: “There are so many dummy accounts out there. There’s a whole industry of these bots churning out fake IDs and reviews.”
One of the “factories” is located in the Philippines on the island of Cebu — marketed as “the gateway to a thousand journeys”. Social Marketeers is a company run by Richard Roles, an expatriate entrepreneur living on Cebu after leaving Aldershot, Hampshire. His company’s website offers an online equivalent. “All for one and one for social media” reads the website’s slogan.
Social Marketeers, which offered to create and post fake reviews for apps, also boasted that it was “the No 1 most trusted social media warehouse” and had taken more than 42,000 orders.
One of them, for 20 iPhone reviews priced for $24 (£17), was placed by a Sunday Times reporter. While the reviews were not posted before Spot the Faker! was intentionally withdrawn, Roles, 26, appeared unrepentant.
“Sometimes in life people just need a little boost on their apps . . . their apps suck, hence why they want to buy it [the review] to look popular and make it go viral,” he said.
He added that he had now stopped selling reviews after having received a “cease and desist” order from Apple.
The registered address for Social Marketeers is a house near Aldershot owned by a retired couple, who said last week that they had no knowledge of the company or its founder.
Roles said that he had picked it at random: “It’s an address near where I used to live, because we didn’t want our competition to know who we were.
“This industry is very violent. Most of these sites are based in India and Africa. We’ve had threats from some because we were ranking higher in Google searches.”
Some of those duped by fake reviews from firms such as Social Marketeers are also in danger from malicious apps that steal personal data.
In November last year Apple and Google were forced to withdraw an app that claimed to track Instagram photographs after a developer discovered it was stealing users’ passwords.
The malicious app had been boosted by fake five-star reviews and downloaded up to 500,000 times before finally being taken down.
In response to our investigation, Google said: “We have strict policies against creating fake reviews or ratings on Google Play. We constantly remove and enforce against inappropriate behaviours through automated detection or as soon as we are made aware of them.”
Apple said developers who “attempted to manipulate or cheat the user reviews and rankings with fake or paid-for reviews” would have their apps and Apple accounts deleted.
Some experts believe current safeguards and customer protection are inadequate and that Google and Apple are doing too little to combat the problem.
Stuart Miles, who runs Pocket-Lint, a technology review site, said: “Services like Google and the Apple app store want people to write reviews because they want the content to be there. It adds to the sales data and the product page.”
Exposing the ebook fakers
A Sunday Times investigation last year revealed how fake-review dealers could manipulate Amazon’s bestsellers list.
Everything Bonsai, a poorly written and error-strewn ebook, was published on Amazon and fake review firms were paid £56 to push it to No 1 on one of the site’s bestseller charts.
Days after our report last October, Amazon began legal action in America against more than 1,000 review writers for the “manipulation and deception” of customers.
Fake reviews were posted from accounts using stolen information about real people, including pictures of Middlesbrough schoolgirls.