Google Play Store Warning: Do Not Download These Free Apps
www.forbes.com
What happens if Play Store is not real? (NurPhoto via Getty Images)

Google is building higher fences around its Play Store, as the fast and loose world of sideloading comes under increasing pressure. If Android is to narrow the security gap to iPhone, then this is a key challenge. This month we have already seen Google delete a raft of fake apps from its store, but what happens if Play Store itself is fake?

A new report from CTM360 warns that a large-scale new campaign is actively targeting users through fraudulent Google Play Store download pages, with meticulously crafted fake Play Store websites that closely mimic the official platform, successfully deceiving victims into downloading seemingly legitimate applications.

Users are tricked into visiting the malicious pages through social media ads and messages. The apps are free and may come with special offers, social engineering tricks to get users to engage. It looks like a Play Store link, but the APK downloads are actually sophisticated Trojan malware designed to steal sensitive user information.

The team reports finding more than 6,000 such pages, underscoring the widespread nature of the campaign, and that the apps being downloaded harvest banking credentials, monitor clipboard activity and log keystrokes, allowing attackers to exploit victims' data for further malicious activities. The scale and complexity of this operation indicate a highly coordinated effort to compromise users globally.

CTM360 has named the campaign PlayPraetor after the Roman officials wielding control over citizens, in the same way the PlayPraetor trojan takes control of infected devices, extracting sensitive data such as credentials and clipboard information.

The campaign registers domains that are close enough to legitimate websites to trick users into clicking, or at least to stop them flagging the deceit.
Some of those domains go further and mimic government agencies or public service portals, exploiting the trust associated with these organizations to increase the likelihood of successful infections. The fake Play Store download button just installs the Trojan.

The same approach is taken with the apps, which appear similar to legitimate apps in both icon and name but are actually Trojans designed to act as spyware. As usual with such attacks, permission abuse is rife, including of the Accessibility Services that expose devices to a complete hijack: capturing screen content, monitoring keystrokes for sensitive data like login credentials and private keys, and continuously tracking clipboard contents to steal cryptocurrency addresses or passwords. The attacks can be targeted, homing in on banking or other financial apps, awaiting an opportunity to steal credentials and share them with their handlers.

The advice for mitigating this threat is simple. Don't click links to Play Store on social media posts or ads or within messages. If you want to find an app, use Play Store in the normal way. And make sure you keep Google's Play Protect enabled, and do not disable this defense to install an app unless you know for absolute sure that it's legitimate.
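
The advice above, expressed as a link check a mail or chat filter could apply (an added example, not code from CTM360 or the article): only an HTTPS link whose parsed host is exactly play.google.com counts as the Play Store, while hosts that reuse or misspell the brand words and direct .apk links are flagged. The typo threshold, the labels and the sample links are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

OFFICIAL_HOST = "play.google.com"  # the genuine Play Store web host
MAX_TYPO_DISTANCE = 2              # assumption: how close counts as a misspelling


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url: str) -> str:
    """Label a shared link 'official', 'lookalike', 'apk-download' or 'other'."""
    parts = urlsplit(url.strip())
    # Compare the parsed hostname, never a substring of the raw URL.
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme == "https" and host == OFFICIAL_HOST:
        return "official"
    if host == "google.com" or host.endswith(".google.com"):
        return "other"  # Google-owned, but not the Play Store over HTTPS
    if "play" in host:
        # Brand words, or a near-miss spelling of "google", on a non-Google host.
        words = re.split(r"[.-]", host)
        if "google" in host or any(
            edit_distance(w, "google") <= MAX_TYPO_DISTANCE for w in words
        ):
            return "lookalike"
    if parts.path.lower().endswith(".apk"):
        return "apk-download"  # direct package file, i.e. a sideload
    return "other"


# Constructed sample links on reserved .example names, not campaign indicators.
SAMPLES = [
    "https://play.google.com/store/apps/details?id=com.example.app",
    "https://play.google.com.free-offer.example/store/apps/details?id=x",
    "https://gov-services-portal.example/download/app.apk",
    "https://play.goog1e.example/store/apps",
    "https://downloads.example/bank-app.apk",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):13} {link}")
```

Hosts that imitate the brand with look-alike Unicode characters would need a confusables table and are not handled here.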