Abstract
A new type of Android malware called “toll fraud malware” has been discovered, leading many individuals to question why they are being signed up for services that they do not want. In other words, there is malware out there that is spending users’ money without their permission. How rude!
Yes, Malware Can Spend Your Hard-Earned Cash
Unlike other types of malware that are immediately noticeable to the victim (a good example is ransomware, which demands a ransom in exchange for your data), toll fraud malware completely bypasses the user and spends their money without their consent. The threat works by subscribing the user to paid content and adding charges directly to the phone bill. Sometimes it might disconnect your device from Wi-Fi to make it use more cellular data, or it will hide one-time passwords, two-factor messages, and verification messages to make sure you don’t discover it.
Toll fraud itself is not a new idea. It has existed since the days of dial-up internet connections, emerging once in a while to attack mobile phones as well. Microsoft has issued a warning that toll fraud malware has become a significant problem for a lot of users, however, so you might want to take it seriously.
How To Keep Your Device Safe
We recommend that you remain aware of everything that you install on your device. You should not trust all apps on your phone, even if Google and Apple do a decent enough job of keeping malicious applications off their app stores. Just because an application appears in the store does not mean that it is safe to use.
Malware can often sneak by the algorithms by hiding in categories like wallpaper, lock screen apps, or apps claiming to improve device performance or (ironically) protect it from threats. When you install a new application on your device, you’ll be prompted to grant that application various device permissions. Be very careful with these permissions, especially if the permissions requested just don’t seem to make any sense.
We especially caution you against installing apps that aren’t found on the Google Play Store, as there is an even greater chance that the app could be malicious in nature.
At the end of the day, you just want to be as cautious as possible with your device, and if you are experiencing issues with it, then have a trained and trusted professional examine it for you. An application is not going to solve your device’s problems, and if you feel like your device is dragging its feet a bit (and maybe it is), then perhaps it’s simply time to upgrade.
Another way you can get an idea of if an app is secure is by reading the application’s description on the store, reading its reviews, and researching the developer. If something seems off, trust your gut and look at a different solution.
For any issues with your technology, know that you are not alone. To find out how we can support your technology efforts, reach out to us at 888-748-2525.
ABOUT THE AUTHOR
Rafiq Masri
With over 25 years of experience in Information Technology, Rafiq is one of the most accomplished, versatile and certified engineer in the field. He has spent the past 2 ½ decades administering and supporting a wide range of clients and has helped position Network Management, Inc. as a leader in the IT Managed Services space.
Rafiq has built a reputation for designing, building and supporting top notch IT infrastructures to match the business objectives and goals of his clients.
Embracing the core values of integrity, innovation, and reliability, Rafiq has a very loyal client base with some customer relationships dating back 20+ years.
Rafiq holds a bachelor’s degree in Mechanical Engineering from the University of Michigan and has completed graduate programs in Software Engineering and Business at Harvard and George Mason University. Rafiq is a former founder and CEO of Automation, Inc. in Ann Arbor, Michigan as well as a valued speaker on entrepreneurship and technology at industry events such as ExpoTech and others.