Avoid These Phone Call Scam Apps on Android

Older Android phones pose a known security risk, but a recent study by the Microsoft 365 Defender research team shows how vulnerable older devices are to a serious form of malware known as “toll fraud.”

Toll fraud malware hides in regular apps, quietly signing users up for premium subscription services that are billed through the user’s phone service. We’re not talking about hidden Netflix subscriptions here: instead, victims are subscribed to useless services that can cost hundreds of dollars or more each year.

Microsoft research shows that devices running Android 9 and older are at the highest risk of such attacks, but we have seen similar exploits affect newer versions of Android as well. Even worse, hackers are constantly changing how these attacks work, allowing malicious apps to bypass Google Play’s security measures. This means that there could be dozens of rogue apps lurking in the Google Play Store listings right now (along with other types of malware), so it’s important for all Android users to know how to spot a problem before it becomes one.

What is toll fraud?

Microsoft has comprehensive information on how toll fraud works, but a typical attack occurs in three stages.

First, the user downloads a seemingly safe app from Google Play or a third-party app distributor. Once the app is installed, it is updated with new malware that usually slips past Google Play security checks.

Once updated, the app performs the second phase of the attack, which includes several different steps, such as using fake login pages and Wireless Application Protocol (WAP) to register you with unwanted services. (WAP is a legitimate tool that apps use to register users for services through their phone service rather than through a payment card or other billing methods, but it is clearly susceptible to abuse.)

Because WAP requires a cellular connection, the rogue app will often wait for the infected device to use mobile data instead of Wi-Fi. In some cases, these apps will even force the phone to connect to cellular data even if a Wi-Fi connection is available.

In the last part of the attack, the app intercepts and blocks the SMS confirmations (the messages you usually receive after legitimately signing up for WAP services), so you won’t know something’s wrong until you check your phone bill and see unexpected transactions.

How to prevent fraudulent malware attacks

Toll fraud attacks like this happen silently in the background, making them extremely difficult to detect. The Microsoft research team has outlined ways Google can continue to improve its security features to prevent toll fraud and similar forms of malware, but there are also several ways users can prevent these attacks themselves.

Obviously, the most important thing is to keep your devices up to date with the latest versions of Android and all security patches. As we mentioned above, devices running Android 9 and earlier are at the highest risk. If possible, update to Android 10 or later and install the latest security patches available to you.

Of course, updating to a newer version of Android is not possible for all devices, and buying a new phone to replace an outdated one is not always possible either. Additionally, we have seen similar attacks on newer versions of Android, such as the “Joker” malware; it’s also possible (in fact, likely) that new forms of toll fraud could target new Android phones in the future.

That’s why you should always check an app carefully before downloading it. Read reviews (not only the highest-rated but also the lowest), research the app online, and only download apps from trusted sources. Similarly, installing a trusted anti-malware app can let you intercept sketchy apps before they can do anything.

However, many dubious apps appear to be legitimate, so you still need to keep an eye out for red flags after you install an app. Common characteristics of malicious applications and Trojans include:

  • Seemingly random login pages asking to be linked to a social network or email account.
  • Unnecessary application permissions.
  • Requests to install additional software or updates that are not delivered through the Google Play store.

This is not an exhaustive list, but these are common indicators of an insecure application. Be sure to check out our guides to spotting other types of internet scams and malware for more tips.
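For readers who want to check the “unnecessary application permissions” red flag themselves, here is an added example (not from the article or from Microsoft’s research) that reads an app’s manifest, already decoded to text, and groups its requested permissions by the behaviour described above that they could enable. The permission-to-behaviour mapping and both sample manifests are assumptions constructed for this illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Assumed mapping: real Android permissions -> behaviour from the article.
RISKY = {
    P + "RECEIVE_SMS": "intercept SMS confirmations",
    P + "READ_SMS": "intercept SMS confirmations",
    P + "CHANGE_NETWORK_STATE": "force cellular data",
    P + "CHANGE_WIFI_STATE": "force cellular data",
    P + "REQUEST_INSTALL_PACKAGES": "install software outside Google Play",
}

def requested_permissions(manifest_xml):
    """Collect every permission name the manifest asks for."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms

def audit(manifest_xml):
    """Return ({behaviour: [permissions]}, combo_flag).

    combo_flag is True when the app can both touch SMS and change the
    network, the pairing the attack stages above rely on.
    """
    findings = {}
    for perm in sorted(requested_permissions(manifest_xml)):
        if perm in RISKY:
            findings.setdefault(RISKY[perm], []).append(perm)
    combo = {"intercept SMS confirmations", "force cellular data"}.issubset(findings)
    return findings, combo

# Constructed samples: a wallpaper app that asks for far more than it needs...
SAMPLE_SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/>
</manifest>"""
# ...and one that only needs network access.
SAMPLE_BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    print(audit(SAMPLE_SUSPECT))
    print(audit(SAMPLE_BENIGN))
```

A hit is a reason to look closer, not a verdict: messaging and connectivity apps request the same permissions for legitimate reasons, so judge the result against what the app claims to do.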

[ Central Android ]
