Android users get caught up in toll fraud that uses malware to increase their telecom bills

Written by admin
A fresh report from Microsoft Security says Android users are being attacked by malware that subscribes unsuspecting phone owners to expensive premium services they never requested. The victim is left holding the bag at the end of the day because the malware adds these costs to his or her monthly telecom bill. Since no one wants their phone cut off, these payments are usually made without question, and many victims don’t even bother checking their phone bills every month.
Since this attack relies on a cellular network to do the dirty business, the malware can disconnect you from Wi-Fi or otherwise force you onto your cellular network. Once connected to a mobile network, the malware will start subscribing to premium services and will even steal a one-time password (OTP) sent to verify your identity. Any notification sent to show that you have signed up for a subscription service will be suppressed to hide the act from the victim so that he or she does not unsubscribe.

Such malware-laden apps hide as background apps, messaging apps, and apps that “clean up” your phone’s inner workings

The attackers try to infect as many phones as possible while leaving their apps in the Google Play Store for as long as possible. These apps are usually listed in popular categories such as personalization (wallpapers and lock screen apps), beauty, editor, communication (messaging and chat apps), photography, and tools (such as cleaner and fake antivirus apps).

Not only do these apps ask for a large number of permissions, some of the permissions requested also don’t make sense. For example, a wallpaper app that contains malware may request permission to access your texting apps. That’s not permission that such an app would normally need.
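The permission mismatch described above can be checked mechanically. The following is an added example, not code from the article or from Microsoft's report: it reads a decoded AndroidManifest.xml and flags permissions that enable the behaviours described earlier (switching off Wi-Fi, reading OTP messages, hiding notifications). The sample manifests, the category policy and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Behaviours named in the article -> Android permissions that enable them
BEHAVIOURS = {
    "switch Wi-Fi off to force mobile data": {P + "CHANGE_WIFI_STATE"},
    "read SMS one-time passwords": {P + "READ_SMS", P + "RECEIVE_SMS"},
    "read or dismiss notifications": {P + "BIND_NOTIFICATION_LISTENER_SERVICE"},
}
# Assumption (constructed policy): behaviours a store category plausibly needs
EXPECTED = {"communication": {"read SMS one-time passwords"}}

def requested_permissions(manifest_xml):
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    # A notification listener is declared as a <service> guarded by a BIND_ permission
    perms |= {e.get(ANDROID + "permission") for e in root.iter("service")}
    perms.discard(None)
    return perms

def audit(manifest_xml, category):
    perms = requested_permissions(manifest_xml)
    found = [b for b, needed in BEHAVIOURS.items() if perms & needed]
    allowed = EXPECTED.get(category, set())
    return {
        "found": found,
        "unexpected": [b for b in found if b not in allowed],
        # All three together match the subscription flow the article describes
        "toll_fraud_pattern": len(found) == len(BEHAVIOURS),
    }

# Constructed sample manifests (not taken from any real app)
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'
WALLPAPER = f"""<manifest {NS} package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application><service android:name=".Listener"
    android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application></manifest>"""
MESSAGING = f"""<manifest {NS} package="com.example.chat">
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml, cat in [("wallpaper", WALLPAPER, "personalization"),
                           ("messaging", MESSAGING, "communication")]:
        print(name, audit(xml, cat))
```

A hit on all three behaviours is a reason to look closer at an app, not proof of malware; legitimate apps can hold any one of these permissions.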

Many of these malware-laden apps share the same user interface, icons, and buttons. Check the developer profile for fake developer names and fake email addresses. Watch out for spelling mistakes and bad grammar in the listing.

While Google allows you to do that, be smart and don’t sideload apps on your Android phone

The bottom line is that this malware leads victims to pay significantly higher mobile bills after being charged for premium services they did not sign up for. And because these apps can escape detection, a large number of them can be installed before the attack is discovered. This malware belongs to a category known as toll fraud, which accounted for 34.8% of the “Potentially Harmful Applications” (PHAs) installed from the Google Play Store in the first quarter of 2022, second only to spyware.

If there is one suggestion we can make, it is this: please don’t sideload any apps on your Android phone, even though Google allows you to do this. When you sideload an app, you install it from an unofficial app store. For example, installing a third-party app on your Android device that is not from the Google Play Store is considered sideloading.

Look for signs that you installed an app with malware. These signs include rapid battery drain, connectivity issues, and a phone that constantly overheats and runs much slower. Be wary of a large number of pop-up ads. And check your cell phone bill every month and look for charges for services you don’t remember subscribing to. If you notice any of these red flags, you should contact your carrier immediately.

Keep in mind that once you’ve been caught in this trap, it’s unlikely you’ll get your money back from your carrier. So the sooner you can recognize that you’ve been caught, the better it is for you.
