While taking a look into a reported vulnerability in a WordPress plugin recently we noticed a rather glaring example of the use of fake reviews. First and foremost there were almost as many reviews as active installations of the plugin:
Unless the very few people using it really liked the plugin, the number of reviews is way out of line with other plugins (where there usually is one review per one hundred or more active installs).
The other big tip-off was that all the reviews occurred on one day (two days after the plugin was released):
One of those reviews was from someone who was supposed to have used it while running WordPress 1, which seems quite unlikely, to say the least.
I noticed the same for a plugin called Checkout Manager for WooCommerce by Quadlayers https://wordpress.org/support/plugin/woocommerce-checkout-manager/reviews/
The plugin reviews are mostly fake and have review text that doesnt make any sense for this plugin, such as “new leads” or “improved customer communication”, just fake reviews from my perspective..
It’s easy to spot as well if you have a lot of 5* and 1* reviews, which is the case for that one as well. In addition, if you look at the reviewers, they are often blank accounts with no forum participation.
Just like Quadlayers, there are probably many others faking their reviews for more installs -> more upgrades -> more $$$.