Earlier this month an Android anti-virus app, named Virus Shield, managed to fool thousands of customers into buying it, despite not having any anti-virus capabilities.
The $3.99 app initially appeared to be a hot purchase as it quickly rose to the top of the Google Play Store sales charts before Android Police discovered all was not as it seemed.
The app was subsequently removed from the store on 6 April but not before tens of thousands of people had purchased it.
Now Google is offering full refunds to anyone who bought Virus Shield. That’s long after the usual 15-minute refund window.
It’s also issuing a $5 Play Store credit, presumably in an attempt to regain some goodwill amongst customers who may have been left less than impressed by their app-buying experience.
Google sent the following email to customers who paid for the bogus app:
We're reaching out to you because you recently purchased the "Virus Shield" app on Google Play.
This app made the false claim that it provided one-click virus protection; in reality, it did not.
Google Play's policies strictly prohibit false claims like these, and in light of this, we're refunding you for your "Virus Shield" purchase. You should see funds returned to your account within the next 14 days.
Additionally we'd like to offer you $5 promotional credit, which can be used to purchase digital content on Google Play such as apps, games, books, music and movies.
Your credit redemption code is XXXXXXXXXXXXXXX. Click or tap here to redeem. For help redeeming, please visit our Help Center.
We're sorry for any inconvenience this may have caused; rest assured that we're always working to make Google Play better for our users.
Google Play Support
With a reported 30,000 downloads of Virus Shield, the total cost to Google could be as high as $269,000 (£160,000), so it’s great to see the company offering refunds rather than waiting for the developer who said that the upload was a mistake and that he intended to reimburse buyers.
But how can a bogus app make it to the top of the sales charts in the first place?
While Google does police its store and remove fraudulent apps from time to time, it has struggled to keep up with the problem of fake games serving adware, cryptocurrency mining apps and unofficial clones of legitimate apps.
So now might be a good moment to familiarise yourself with our 10 tips for securing your mobile device.
And for those of you looking for legitimate security software for your Android devices, Sophos’s Mobile Security for Android app includes malware prevention, the ability to delete data remotely, privacy review of apps and an automatic security advisor that can alert you of potential security risks when you change the settings on your device.