If you haven’t yet heard of toll fraud malware, it’s one of the most rapidly evolving types of billing fraud, and it continues to attack Android phones.
The latest toll fraud malware is coming from apps on the Google Play Store that look legitimate. In reality, they carry harmful code that can subscribe you to premium services you never intended to pay for.
Here’s how to watch out for this malware and protect yourself – especially if you have an Android device.
Not every application on the Google Play Store is safe. While Google uses security measures to check apps for potential malware, the way these apps harm your device is sneaky.
First, a user downloads an app from the Google Play Store because it may seem like a normal, safe application. The problem is that the dangerous apps are able to update themselves once downloaded on your device, and the updated version of the app may contain malware that has now bypassed the Google Play Store’s security scans.
The dangerous app is now able to prompt the user to click additional links, and it will even turn off Wi-Fi and use your cellular data to sign you up for unwanted services.
These toll fraud malware updates use Wireless Application Protocol (WAP) to sign you up for the services. Microsoft has broken down the steps the malware takes, which sometimes involve a one-time password (OTP) to trick the user into subscribing to services.
Here is the process for this toll fraud malware:
- Disable the Wi-Fi connection or wait for the user to switch to a mobile network
- Silently navigate to the subscription page
- Auto-click the subscription button
- Intercept the OTP (if applicable)
- Send the OTP to the service provider (if applicable)
- Cancel the SMS notifications (if applicable)
Microsoft classifies a subscription as fraudulent when it takes place without a user’s consent. These hackers are able to subscribe you to premium services, eventually stealing money from your digital wallet or even making large charges directly to your cellular bill.
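An added example (not from the original article or from Microsoft's write-up): a Python triage that checks a decoded AndroidManifest.xml for capabilities matching the Wi-Fi, OTP and notification steps listed above. The permission-to-step mapping and both sample manifests are assumptions constructed for illustration; the silent browsing and auto-click steps leave no trace in a manifest and are not covered.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping from the steps listed above to capabilities visible in a
# manifest. INTERNET is ignored because nearly every app requests it.
STEP_SIGNALS = {
    "disable Wi-Fi / use mobile network": {
        "android.permission.CHANGE_WIFI_STATE",
        "android.permission.CHANGE_NETWORK_STATE"},
    "intercept the OTP": {
        "android.permission.RECEIVE_SMS",
        "android.permission.READ_SMS"},
    "cancel SMS notifications": {
        "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"},
}

def manifest_capabilities(manifest_xml):
    """Collect requested permissions plus permissions guarding declared services."""
    root = ET.fromstring(manifest_xml)
    caps = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            caps.add(node.get(ANDROID_NS + "name", ""))
    for svc in root.iter("service"):  # notification listeners are declared as services
        caps.add(svc.get(ANDROID_NS + "permission", ""))
    caps.discard("")
    return caps

def toll_fraud_triage(manifest_xml):
    """Report which steps the app could perform; all three together warrants review."""
    caps = manifest_capabilities(manifest_xml)
    matched = {step: sorted(caps & perms)
               for step, perms in STEP_SIGNALS.items() if caps & perms}
    return {"matched": matched, "review": len(matched) == len(STEP_SIGNALS)}

# Constructed sample: a "wallpaper" app asking for far more than it needs.
SAMPLE_SUSPICIOUS = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application><service android:name=".Listener"
    android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/></application>
</manifest>"""
# Constructed sample: an app that only needs network access.
SAMPLE_BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("suspicious", SAMPLE_SUSPICIOUS), ("benign", SAMPLE_BENIGN)):
        print(name, toll_fraud_triage(xml))
```

A match is a reason to look closer, not a verdict: legitimate messaging and automation apps can hold the same permissions, so weigh the result against what the app claims to do.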
Make sure you follow these steps, especially if you are an Android user, so you don’t become a victim of toll fraud malware.
Always do your own research before downloading an app. Double-check the app’s developer (e.g., the Facebook app should come from Meta Platforms, Inc.) to confirm it is a real application. Also read reviews, both good and bad, to see if anyone has encountered problems previously.
Android, Google, Samsung, Apple, and any other company behind your most-used devices regularly run tests and learn about new security flaws. When you ignore those “update your device” prompts, there’s a chance you’ll miss the software updates that tackle the latest security flaws. Always keep your iOS or Android software up to date.
Antivirus software isn’t just for computers. TotalAV total protection can also protect cell phones and tablets, making it harder for hackers to get into your device. Software updates won’t catch every type of malware as hackers are constantly changing their tech, so make sure you’re always protected.
Install good security protection on all of your devices for the best protection. My top pick is TotalAV (limited-time deal: $19 your first year, 80% off). More in my review: Best Antivirus Protection in 2022.