Fraudulent developers frequently exploit google play to hire teams of willing workers to commit fraud collectively, emulating realistic, spontaneous activities from unrelated people. This behavior is called “search rank fraud”. We present Fair-Play, a novel system that uncovers both malware and search rank fraud apps, by picking out trails those fraudsters leave behind. To identify suspicious apps, Fair-Play PCF algorithm correlates review activities and uniquely combines detected review relations with linguistic and behavioral signals gleaned from longitudinal Google Play app data. We contribute a new longitudinal app data-set to the community, which consists of over 87K apps, 2.9M reviews, and 2.4M reviewers, collected over half a year. Fair Play achieves over 95% accuracy in classifying gold standard data-sets of malware, fraudulent and legitimate apps. We show that 75% of the identified malware apps engage in search rank fraud. Fair Play discovers hundreds of fraudulent apps that currently evade Google Bouncer detection technology, and reveals a new type of attack campaign, where users are harassed into writing positive reviews, and install and review other apps.