STOP the Spyware: How to Spot the Fake Signal & ToTok Android Apps Before They Steal All Your Personal Data
Disclosure: This is a public service security advisory. It contains affiliate links to security products we strongly recommend for personal digital protection. Your support helps fund our public awareness efforts.
Criminals are exploiting your trust in secure messaging apps to spy on you. As we've detailed in our **recent security alerts**, there is a wave of malicious spyware disguised as legitimate apps like Signal and ToTok. This guide is your definitive checklist for spotting these fakes before they can do any harm.
Part 1: The Pre-Installation Checklist — 4 Things to Check BEFORE You Install
The best way to win the fight is to never let the enemy onto the battlefield. Before you install any app, especially a security-sensitive one, perform this 4-step check.
1. Check the Source: Is it the Google Play Store?
This is the only question that truly matters. If the link you clicked took you to a website to download an `.apk` file, **STOP. DO NOT INSTALL IT.** It is almost certainly malware. Legitimate developers distribute their apps through the official Google Play Store.
2. Check the Developer Name
In the Google Play Store, look directly under the app's name. For a legitimate app, you will see the official developer's name. For Signal, it should say **"Signal Foundation."** If it says "Signal Secure LLC," "Signal Private Messenger," or anything else, it is a fake.
3. Check the Reviews and Download Count
Look for signs of fakes. A globally popular app like Signal will have millions of downloads and a mix of good and bad reviews. A fake app will often have a suspiciously low download count (e.g., 5,000 downloads) and a flood of generic, 5-star reviews with no detail. This is a major red flag.
4. Check the "About this app" Permissions
In the Play Store listing, scroll down and tap on "About this app," then look for "App permissions." Does a simple messaging app need to be a "Device Administrator"? No. Does it need to "draw over other apps"? Not usually. If the permissions seem overly broad or suspicious, do not install it.
Part 2: The Post-Installation Audit — 3 Ways to Check Your Phone NOW
If you're worried you may have already installed a fake app, perform this 3-step audit immediately.
1. Verify with the Play Store
This is the most definitive check. Go to the **Google Play Store > [Your Profile Icon] > Manage apps & device > Manage**. This list shows all apps on your phone that were installed from the Play Store. If your Signal app is **NOT** on this list, you sideloaded it. **UNINSTALL IT IMMEDIATELY.**
2. Audit Your Permissions Manager
Go to your phone's **Settings > Apps > Permission manager**. Go through each category (`Camera`, `Location`, `Microphone`, `Files`). Do you see any apps in these lists that shouldn't be there? A simple calculator app should not have access to your camera or location. Revoke any permissions that seem suspicious.
3. Run a Full Security Scan
The only way to be certain your device is clean is to scan it with a high-quality mobile security tool.
You can't be expected to be a security expert 24/7. A powerful security suite is your essential safety net to automatically detect and block malware, phishing attacks, and spyware before they can do damage.
Kaspersky Premium is our top-rated solution for its world-class detection rates and comprehensive feature set.
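The Play Store check in Part 2, step 1 can also be done from a computer over `adb`, which records an installer for every app. The script below is an added example, not part of the original advisory: it parses the output of `pm list packages -i -3` and flags third-party apps whose recorded installer is not the Play Store. The sample listing and the `com.example.*` package names are constructed; `flag_sideloaded` and `sample_listing` are names chosen for this example.

```shell
#!/bin/sh
# Added example: flag third-party apps whose recorded installer is not the Play Store.
# Input format is what `adb shell pm list packages -i -3` prints, one app per line:
#   package:<package.name>  installer=<installer.package>

PLAY_STORE="com.android.vending"   # package name of the Google Play Store app

# Reads `pm list packages -i` output on stdin and prints "<package> <installer>"
# for every app that was not installed by the Play Store.
flag_sideloaded() {
    awk -v store="$PLAY_STORE" '
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = "unknown"            # line carried no installer field at all
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (inst != store) print pkg, inst
        }'
}

# Constructed sample (not from a real device). The com.example.* packages are made up.
sample_listing() {
    cat <<'EOF'
package:org.thoughtcrime.securesms  installer=com.android.vending
package:com.example.signalplus  installer=null
package:com.example.chatlite  installer=com.google.android.packageinstaller
package:com.example.notes  installer=com.android.vending
EOF
}

# With a device attached and USB debugging enabled, audit the real app list;
# otherwise run against the constructed sample above.
if [ "${1:-}" = "--device" ]; then
    adb shell pm list packages -i -3 | tr -d '\r' | flag_sideloaded
else
    sample_listing | flag_sideloaded
fi
```

Each flagged line is an app that did not come through the Play Store; `installer=null` or the system package installer means it was installed from an `.apk` file. Review those entries against the checklist in Part 1 before deciding what to uninstall.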
