Some Android apps disguise themselves as your friend. They say they'll help or entertain you, when in fact they just want to harm you.

Google's Play Store has frequently received criticism for its less-than-robust approach to filtering unsafe content. If you're not careful, you could find yourself being tracked, hacked, or conned.

With that in mind, here are the biggest offenders on the bad apps list. They already have millions of installs---make sure you aren't one of them.

quickpic comments

What it is: QuickPic used to be a friendly and easy-to-use photo gallery. It was never flashy, but clear communications and frequent updates saw it steadily grow a well-sized user base.

Why it's bad: It was bought by the infamous Chinese firm, Cheetah Mobile, in 2015. It immediately became a harmful app for Android; the company started uploading users' data to their own servers, as evidenced by one Google Plus user who found a raft of new DNS requests that were attributable to the app.

The app was removed from the Play Store altogether in late-2018 but returned in 2019. At the time of the return, Cheetah told Android Police that QuickPic was not removed due to advertising click fraud; instead, the company just didn't want to maintain it anymore.

Today, there are hundreds of QuickPic incarnations. It's hard to tell which is the original version. One easy-to-follow rule will keep you safe, though: don't install any of them!

What you should use instead: There are lots of gallery apps for Android. One of the best QuickPic alternatives is Simple Gallery. It has a photo editor, a file manager, and multiple themes.

2. ES File Explorer

What it is: ES File Explorer was probably the most popular file explorer app out there. That's because it used to be really, really good---five years ago.

Why it's bad: The free version was pumped full of bloatware and ad-ware, and it endlessly nagged you to download additional apps via notification bar pop-ups you can't disable. However, the situation got a whole lot worse in April 2019 when the once-popular app was thrown off the Play Store for committing click fraud on its ads.

For those who don't know, click fraud refers to the practice of automatically clicking background ads on users' devices without them being aware.

Today, you can download the ES File Explorer APK or download dozens of impersonators that are still on the Play Store. You should avoid all iterations of the app.

What you should use instead: There are loads of Android file explorers to choose from. If you're concerned with ease-of-use, try Files by Google; or if customization is your thing, you can look to Total Commander.

3. UC Browser

What it is: The most popular Android web browser in China and India. It claims to have a fast mode that'll save you data thanks to compression.

Why it's bad: Tracking. Users' search queries are sent without encryption to Yahoo India and Google. A user's IMSI number, IMEI number, Android ID, and Wi-Fi MAC address are sent without encryption to Umeng (an Alibaba analytics tool). And users' geolocation data (including longitude/latitude and street name) is transmitted without encryption to AMAP (an Alibaba mapping tool).

What you should use instead: Where to start? Chrome and Firefox are the obvious choices if you want a fast Android browser, but some people have worries about privacy there too. The DuckDuckGo Privacy Browser is a solid all-round option.

4. CLEANit

What it is: A "junk file cleaner" that's been installed 10 million times and has 85 percent four- or five-star reviews.

Why it's bad: Most of what it advertises is detrimental to your phone. For example, clearing the cache will ultimately slow your phone down when it needs to be rebuilt, clearing your RAM only leads to more battery usage, and killing running apps does not save your battery as claimed.

What you should use instead: Greenify is a much better option for reducing battery drain caused by apps, and SD Maid is a more useful junk filter for ad files and logs, etc.

5. Hago

hago app

What it is: Hago is an all-in-one app for hanging out with friends, playing games, and chatting in real-time.

Why it's bad: Is Hago safe in the traditional sense? Yes, we think so, as there's no evidence of severe malpractice. However, the app lets you earn real money for playing games and participating in groups. That immediately sets alarm bells ringing.

Add that to the fact you can earn more money if you sideload the app rather than installing via Google Play, and we think a problem could be brewing.

What you should use instead: Android has no shortage of free games where you can play against strangers on the internet, while apps like WhatsApp will suffice for talking to friends, and Kik for talking to random people.

6. DU Battery Saver & Fast Charge

What it is: DU Battery Saver & Fast Charge was a "battery-saving" app with an insane number of downloads---it had a barely-believable 7.6 million five-star reviews.

Why it's bad: Fast Charge? An app does not have the ability to change how fast your device charges. This is also the king of adverts---it sponsors almost every ad that you see in any other app and manifests its own ads on your lock screen and notifications bar. Also, all those fancy speed graphs and cool animations? Totally fake.

The app was thrown out of the Google Play Store in April 2019 as part of the click fraud scandal. But you can still find the APK on APK download sites, and millions of people still run the app on their older devices.

What you should use instead: If you're genuinely interested in your phone's battery stats, you should use GSM Battery Monitor. For proper battery saving, try the aforementioned Greenify.

7. Dolphin Web Browser

What it is: An ad-free, Flash-supporting, HTML 5 video-enabled browser. It's got 50 million downloads and counting.

Why it's bad: Like UC Browser, this is a tracking nightmare. Worst of all, it saves your incognito mode website visits into a file on your phone---go and check. Users have even discovered that when using a VPN, the browser reveals your ISP-assigned address. Don't believe the hype; delete it now.

What you should use instead: As mentioned earlier, Chrome, Firefox, and DuckDuckGo Privacy Browser are your three best options.

8. Fildo

fildo

What it is: An illegal music downloading app disguised as a music player.

Why it's bad: For a long time, Fildo had ties to the Chinese online entertainment company, Netease. It used a backdoor API trick to let you download any song that you wanted from Netease's servers.

Is Fildo safe today? Maybe. Netease has closed the loophole, so a lot of long-time users have abandoned ship. Fildo now brands itself as a music management app. But the app has a nefarious background, and shouldn't be trusted on the grounds of possible data collection and other privacy-busting practices.

What you should use instead: If you want to listen to music, the obvious answer is a service like Spotify. For music management, check out Cloud Player.

9. Clean Master

What it is: Another popular "speed booster, battery saver, and phone optimizer". It had 600 million users and 26 million five-star reviews before being removed in 2019. Again, the APK is still available and widely used.

Why it's bad: Firstly, it's made by Cheetah Mobile. We referred to them earlier---the company is renowned for packing ads, bloatware, and nag screens into their apps.

Secondly, it doesn't do anything useful; RAM-saving apps might have been valuable once upon a time, but you no longer need them. Android has its own native handler for assigning RAM and ensuring it's all being used in the most optimal way---in many cases, it even deliberately keeps RAM loaded to help performance.

What you should use instead: Honestly, nothing. If you really insist, SD Maid is your friend.

10. Almost Every Anti-Virus App

What it is: There are loads to choose from; most of the well-known desktop antivirus suites now have a smartphone offering.

Why it's bad: They aren't bad per se, but they are largely unnecessary---that's why the biggest names in the industry now market their apps' anti-virus capabilities as part of a larger security package.

There are a couple of caveats, however; if you install software from third-party sources (i.e., not the Google Play Store), or if you have a rooted device, the apps are worth considering. Both these situations can open you up to malware that Google has no control over.

What you should use instead: In this case, it's not so much what you should install instead, but rather that you need to make sure you're installing a full-fledged security package from a recognized provider.

The apps from companies like Avast and Avira tend to offer additional features such as password-locked apps, remote device wiping, and call blockers.

Avoid the Most Dangerous Apps on the Play Store

In truth, very few apps on the Play Store are completely "safe." Almost all companies are guilty of at least some data collection.

But there are some really harmful apps on the Play Store. The ones we've discussed only scratch the surface.

Digging even deeper, a sideloaded APKs pose an even greater risk. If you were once a loyal customer of companies whose apps have been booted out of the app store, don't not continue to sideload them. They are likely even more dangerous than they were previously.