Fake, positive reviews have infiltrated nearly every corner of
life online these days, confusing consumers while offering an
unwelcome advantage to fraudsters and sub-par products everywhere.
Happily, identifying and tracking these fake reviewer accounts is
often the easiest way to spot scams. Here’s the story of how bogus
reviews on a counterfeit Microsoft Authenticator browser extension
exposed dozens of other extensions that siphoned personal and
After hearing from a reader about a phony Microsoft Authenticator
extension that appeared on the Google Chrome Store,
KrebsOnSecurity began looking at the profile of the account that
created it. There were a total of five reviews on the extension
before it was removed: Three Google users gave it one star,
warning people to stay far away from it; but two of the reviewers
awarded it between three and four stars.
Fraudulent reviews are a scourge. Apple’s App Store is riddled with them — I’m not sure I’ve seen a single story about a scammy app in the App Store that didn’t have a bunch of 5-star reviews. Amazon product pages are riddled with fake reviews too. There’s a huge cottage industry in paying for fake reviews in any online forum where reviews can come from anyone.
I don’t know what the answer is. Users think they like reading reviews from other users, but they have no idea how utterly untrustworthy unverified reviews are. There’d be outrage if Apple or Amazon simply pulled the plug on user-submitted reviews, or wiped the slate clean by nuking existing reviews and starting over with some sort of “verified reviewer” system. But the status quo is a cesspool of scammy reviews that many users believe they can trust. It’s a mess.