It’s never fun to be out of the loop. Take Clubhouse, for example — the exclusive audio-chat app is currently both invite-only and iPhone-only. So to find a website claiming to offer the official Clubhouse for Android app would be quite tempting. If only it were real.
According to ESET malware researcher Lukas Stefanko, there is a malicious website claiming to lead to a download for the Android version of Clubhouse. Whoever designed to dummy site took great pains to make it as accurate as possible, as the site is almost indistinguishable from the real thing. It just replaces iOS’ “Download on the App Store” button with Android’s “Get it on Google Play.”
Of course, once you follow that link, it’s anything but the real deal. The site actually looks for credentials from 458 apps, including financial, cryptocurrency exchanges & wallets, social, IM and shopping apps.
That list features apps like Twitter, WhatsApp, Facebook, Amazon, Netflix, Outlook, eBay, Coinbase, Plus500, Cash App, BBVA and Lloyds Bank — quite a few popular programs.
We aren’t saying to never download an app from its official website. Many times, we find new and interesting apps thanks to these download links. Our message to you is to double-check these sites, to make sure the link they’re asking you to click is legitimate.
If you’re ever unsure, it might suit you better to search for the app in the App Store or Play Store by hand. That way, if it pops up, you know it’s official.
Cover photo by Christian Wiediger on Unsplash