• Partners
  • Copy Trading
  • Portfolio Management
    • Join Exness
    العربية বাংলা Español Français हिंदी Bahasa Indonesia 日本語 한국어 Português ไทย اردو Tiếng Việt 简体中文

    Protect your device: fake apps, “free premium” ads, and malware

    • Updated

    Discover how fake apps and malicious software (malware) can lead to account compromise, and what to do if you install something suspicious. Malware can steal your sign-in details or hijack your session. It may also trick you into approving actions you did not intend to confirm.

    How these scams work

    Scammers may promote seemingly real but ultimately fake apps, “cracked” software, or browser extensions that end up stealing passwords, OTP codes, or session data once installed.

    Common signs of a risky download

    Scammers and malware creators will use legitimate-looking pages and branding, so don’t rely on design alone. Instead, watch for these common red flags/signs:

    • It’s shared through an ad, messenger link, or social media post (especially if you didn’t ask for it).
    • It promises something “too good to be true”, like “free premium”, “cracked”, “unlocked”, a free annual subscription, or “free crypto/USDT”.
    • The developer or publisher info is unclear (missing, generic, or doesn’t match the official company/app store listing).
    • You receive security alerts from other services (for example, Gmail, Apple ID, Microsoft, Binance) about a new login, new device, or suspicious activity.
    • You’re asked to install extra software, add a browser extension, or allow remote access to your device.
    • You’re told to disable antivirus/security features, or to open password-protected files “so they can run.”
    • The app requests permissions that don’t match its purpose, such as Accessibility, SMS, Device admin, or full file access for a simple app.

    Safe download rules

    • Install apps only from official app stores or official websites.
    • Avoid downloads from ads, email links, and pop-ups.
    • Keep your operating system, browser, and antivirus/anti-malware software up to date.
    • Remove extensions you do not use or do not recognize.

    What to do if you installed something suspicious

    If you think you installed a suspicious app, file, or browser extension, act immediately:

    1. Run a full security scan
      Use reputable antivirus or anti-malware software and follow its recommendations.
    2. Remove suspicious items
      Delete any suspicious apps, files, and browser extensions you don’t recognize or don’t need.
    3. Update your passwords (start with email)
      • Change the password for your registered email account first.
      • Then change your Personal Area (PA) password.
      • If you reused the same password anywhere else, change it there too (especially for financial services, crypto wallets/exchanges, and social accounts).
    4. End other sessions
      Go to Settings, choose Security settings, and select Log out from other devices.

    If you see suspicious activity or believe your account was accessed, open a ticket in the support hub.

    Related articles

      In this article

    Related articles

    Was this content helpful to you?

    Your thoughts matter to us! Sharing your feedback helps us make our materials
even more useful and enjoyable for you

    We’re hard at work updating this content

    We apologize for any inconvenience caused while this page was under maintenance;
    it will be back up and better than ever as soon as possible.

    In the meantime, please browse the Help Center for other articles that may be helpful.