Windows Store Scams: Why Microsoft Isn't Protecting Users
The State of the Microsoft Windows Store
The Microsoft Windows Store has faced significant criticism regarding the quality and safety of its available applications. Concerns center around a proliferation of apps designed to defraud users and illicitly obtain funds.
This issue has persisted for over two years, dating back to the release of Windows 8, and the situation appears to be deteriorating rather than improving. A secure and trustworthy app distribution platform for Windows users has, until recently, not been realized.
Addressing the Concerns
Update: Following widespread attention to the problems within the Windows Store, Microsoft initiated a substantial cleanup effort.
Over 1500 scam applications were removed from the store, and a commitment was made to maintain a higher standard of app quality and security. This proactive response is a positive step.
While the recent actions are encouraging, the long-term effectiveness remains to be seen. Continued vigilance is advised, as a considerable number of potentially fraudulent applications still remain available.
Users should exercise caution when browsing and downloading apps until a comprehensive resolution is achieved and the Windows Store is demonstrably free of malicious software.
It is crucial to remain aware and discerning when selecting applications to ensure a safe computing experience.
The Windows Store is Rife with Deceptive Practices, and They Are Easily Discernible
The prevalence of this issue is no secret. A search within the Windows Store for any widely-used application will reveal a multitude of questionable entries. Consider, for instance, the results obtained when searching for VLC:
Observing the screenshot provided, one might incorrectly assume a substantial number of official VLC applications are available. This is not the case; numerous applications are simply mimicking VLC’s trademark icon to project an air of authenticity.
Fortunately, VLC does provide a genuine application for Windows 8, making "VLC for Windows 8" the foremost result in the search list. Beyond applications falsely representing VLC itself, several paid options advertise a "VLC download." These are designed to mislead users into purchasing them, only to then be directed to a link for the freely available VLC application. It is hoped that the link provided will lead to the legitimate version, and not one containing malicious software!
Among the listings is "VLC Player Download" priced at $4.99. Its description states, "this app assists users in learning how to download, install, and understand its functionality." Should this prove too costly, alternatives such as "Download Vlc Player" for $1.99 or "download vlc media player" for $1.29 are also available.
This discovery wasn't the result of an exhaustive investigation. These deceptive applications appear prominently on the first page of search results for a popular application.
Conduct a search for another well-known application – such as iTunes or Firefox – and you will encounter similar, unhelpful applications. The situation is even more pronounced when these applications lack official presence within the Store. The results consist entirely of fraudulent applications masquerading as the genuine article.
In the case of iTunes, an application priced at $8.99 even claims to "help users learn how to use and download iTunes." These applications are demonstrably utilizing Apple’s official iTunes graphics without authorization, and some feature screenshots of the iTunes desktop application on their app pages.
The proper method for downloading iTunes involves entering "iTunes" into a search engine like Google, or directly visiting Apple’s website. Avoid the deceptive applications within the Windows Store.
Editor's Note:
During the fact-checking process for this article, it was revealed that the scope of the problem is even greater than initially assessed. Within a mere thirty minutes, counterfeit paid versions of Adobe Flash Player, Firefox, Pandora, IMDB, Candy Crush Saga, Wechat, WhatsApp, uTorrent, Picasa, Bluestacks, Minecraft, Spotify, Google Hangouts, Picasa, Clash of Clans, Blender 3D, and numerous others were identified.
Due to the utilization of legitimate names and logos for these scams, and the fact that only the fine print on some of these deceptive apps reveals that you are not downloading the real thing, many individuals have inadvertently paid for them. For example, David, as shown in the following screenshot, believed he was purchasing the Bluestacks player, only to discover it was a scam and is now requesting a refund. We sympathize with David, and hope a refund is issued!
Numerous similar reports were found from users who had been misled into paying for and downloading a fraudulent application.
To further illustrate the severity of the issue, one of the publishers of these scam applications simply identifies as "Google Chrome," and creates a dozen fake applications.
System Search Compromised by Windows Store Pollution
A significant drawback is the integration of the Windows Store directly into the system search functionality. Utilizing the Start screen search or the search charm to locate an application now yields results populated with undesirable apps from the Windows Store.
As an illustration, a search for Firefox via the system search feature may present a link to install "Firefox Training Lite" from the Windows Store, despite the availability of free, comprehensive tutorials online.
Desktop Windows users are being unnecessarily confronted with this unwanted software.
The Problem of Unnecessary Store Applications
The proliferation of these applications within the search results is particularly concerning as they often offer services readily accessible without cost elsewhere.
This practice effectively promotes paid alternatives when free resources are abundant, creating a frustrating experience for users.
It raises questions about the quality control and relevance of applications featured within the Windows Store.
The integration feels intrusive and diminishes the efficiency of the system search function.
Microsoft Prioritized Volume Over Value in App Submissions
Microsoft’s approach hasn’t centered on fostering high-quality applications. Rather, the company demonstrated a preference for a large quantity of submissions. In March of 2013, a promotional campaign was initiated by Microsoft, offering developers a $100 payment for each application submitted to either the Windows Store or the Windows Phone Store.
The maximum payout per developer reached $2000. An archived version of the promotional details, known as the "Keep The Cash" promotion, can be found on Archive.org. Notably, Microsoft has since removed the original pages detailing this initiative from its official MSDN website.
The Incentive Structure
Consequently, developers dedicating months to crafting a superior application received the same $100 reward. Conversely, those capable of rapidly producing numerous low-quality applications could earn up to $2000. This promotion effectively incentivized developers to minimize effort and generate a substantial number of subpar apps.
It remains unconfirmed whether any of these potentially fraudulent applications resulted in additional financial gains for their creators through Microsoft bonuses. However, the situation clearly illustrates Microsoft’s prioritization of quantity over quality within the Windows Store ecosystem.
The company’s focus was on achieving a large app count, irrespective of the actual merit of those applications. Maintaining a high number of apps was seen as beneficial for marketing purposes.
App Store Milestones
Microsoft publicly announced milestones of 100,000 apps, then 200,000, and ultimately 400,000 apps in April 2014. This figure encompassed both the Windows Store and the Windows Phone Store. A larger app store number was perceived as a positive talking point for the platform.
Removing problematic or fraudulent apps would inevitably reduce the overall app count. Therefore, Microsoft appeared reluctant to address the issue comprehensively.
It is now widely understood that the sheer number of apps available in an app store holds little intrinsic value. The true measure of success lies in the availability of desirable, well-executed applications that users actively choose to utilize.
Achieving a milestone of 400,000 apps through the acceptance of numerous scams is not a commendable accomplishment for Microsoft.
The Alarming Reality of Microsoft App Store Approvals
A particularly concerning discovery has come to light regarding the Microsoft app store. It appears that applications identified as scams are not only present but are actively being reviewed and approved by Microsoft personnel. The process, as described by Microsoft itself, involves a thorough examination of submitted applications.
Microsoft’s Certification Process
According to Microsoft, each developer submission undergoes a "Certification" process. This process is designed to verify an app's suitability for public release. The company states:
"Content compliance: Our certification testers install and review your app to test it for content compliance. The duration of this review is influenced by the app’s complexity, the volume of visual content, and the current submission queue."
This means that every fraudulent application currently available in the Windows Store, including examples like the $8.99 app offering iTunes downloads, has been directly installed and assessed by a Microsoft certification tester. The content within these apps has been evaluated against Microsoft’s stated policies.
This raises serious questions about Microsoft’s commitment to user safety. Either the company is knowingly allowing scams to proliferate, or the app auditing procedures are not being effectively implemented. Both scenarios are detrimental to Microsoft’s reputation.
Reporting Scams – A Futile Effort?
While a reporting mechanism exists for flagging problematic Windows Store apps, its effectiveness is questionable. Given that Microsoft has already vetted and approved these questionable applications, it’s unclear whether reports would result in their removal.
The current situation suggests a potential acceptance of deceptive practices within the store, or a significant failure in the app review process. It begs the question: will Microsoft take action against these apps even when brought to their attention?
Examining App Store Practices: Google and Apple
To illustrate effective app store management, a comparison with the approaches of Google and Apple is insightful. Consider a search for "iTunes" within the Google Play Store. Since iTunes itself is not offered on this platform, does this lead to fraudulent applications?
The answer is no. Instead, users are presented with applications designed to facilitate synchronization between Android devices and iTunes, as well as remote control options for iTunes. Notably, there are no applications falsely claiming to be iTunes installers for PCs, nor are Apple’s official iTunes icons misappropriated.
Let's examine another example: a search for "Firefox" on the iPad App Store. Given that Firefox is not natively available for iOS, does this result in deceptive applications?
Again, the response is negative. The store showcases a selection of alternative web browsers that may appeal to individuals seeking Firefox. An application named "Foxbrowser," while visually reminiscent of Firefox, incorporates built-in Firefox Sync functionality. Its purpose isn’t to mislead, but rather to provide a valuable service for Firefox users.
Microsoft should observe these practices. These are the hallmarks of mature, well-managed platforms that prioritize a legitimate and trustworthy app store experience.
Addressing the Prevalence of Scams Within the Microsoft Store
Related: Guidance on Preventing the Installation of Unwanted Software During Free Downloads
A critical question arises: why does Microsoft appear unconcerned with the proliferation of low-quality and potentially fraudulent applications available through its official store, particularly for Windows 8.1 users? The prevailing hypothesis suggests that the sheer volume of applications is prioritized over quality control.
For almost two years, there has been little evidence to suggest that Microsoft is actively addressing the issue of substandard applications hosted within the Store. This lack of intervention raises concerns about the user experience and the overall integrity of the platform.
Ideally, the Microsoft Store should function as a secure and reliable resource for Windows users. Individuals should be able to confidently browse and download applications without the risk of encountering malicious software. The Store’s potential to be a safer alternative to web-based downloads is currently undermined.
Instead of providing a secure environment, users are increasingly exposed to deceptive applications, often designed to defraud them. This situation presents a significant risk to unsuspecting customers.
It is important to note that Microsoft receives a percentage of the revenue generated from each application sold within the Windows Store, including those identified as scams.
Image Credit: "Keep the Cash" image courtesy of Jennifer Marsman, featured on MSDN Blogs.