There’s no shame in admitting that you can sometimes be gullible on the Internet. However, you should read all about the different scams that abound so you’re better informed and better prepared. One of those that you might have come across on the Google Play Store is an app called “Updates for Samsung”. Apparently, this app has duped millions into downloading it and maybe even got some people to give up their money just to get updates that they could get for free officially.

According to a report by CSIS Security Group, there have been more than 10 million downloads of the app on the Google Play Store with its promise getting update downloads for your Samsung device. It has a “Download Firmware” section and while it has a “free” tier, it also encourages you to subscribe annually for $34.99 per year so you can have access to all the firmware downloads that you want.

However, if you’re familiar with the whole firmware process, you know that Samsung offers these regular downloads for free and that the official one arrives on your phone. There’s no need to get it from a third-party, let alone pay for it. And obviously, this app is not “official”. In fact, if you do pay for that subscription, you don’t even go through the official Google Play subscriptions protocol and instead they ask you for your credit information and sends it to an API endpoint, which is pretty shady in itself.

But despite this obviously shady practice (and the app itself is littered with ads), the app still remains on the Google Play Store. It’s surprising that it hasn’t been taken down either because of complaints or upon further review of the app. While it doesn’t exactly install malware or viruses on your smartphone, it’s still an app that you should not install and obviously, you do not pay for firmware updates.

For its part, Google should be more vigilant about screening apps like this that may be scamming users. While it’s hard to monitor thousands of apps, it is the integrity of their platform at stake and the security of their millions of users.