Microsoft has warned android users against a new malware that being dubbed the "most common threat for devices with evolving features," according to the Digital Information World.
The new malware is known as the toll fraud malware, a subset for the category of billing fraud. It unwittingly "purchases premium subscription services that users did not want or sign up for," as per Mashable report.
How the Toll Fraud Malware Works
Toll fraud works over the Wireless Application Protocol (WAP). With this set up, consumers are allowed to subscribe to paid content and add the charge to their phone bill.
This kind of malware relies on a cellular network to attack. With this, the malware might disconnect you from Wi-Fi in order to force you to use your cellular network.
The malware will start subscribing to premium services while connecting to the cellular network. The malware may also hide any one-time passwords (OTP) to keep you unaware of its dirty business so you don't unsubscribe.
Researchers warn that the evolution of toll fraud malware poses a dangerous threat, as it can lead to victims receiving significant mobile bill charges.
Moreover, there is an increased risk for affected devices since the malware is able to evade detection. It is even more dangerous since before a single variant can be removed, it can achieve a high number of installations.
The toll fraud malware attack starts when you download whatever app the malware is disguised as in the Google Play Store. Usually listed in popular categories in the app store, these trojan apps can be present in personalization, beauty, editor, communication, photography, and tools.
According to Mashable, the researchers say that these apps "will ask for permissions that don't make sense for what is being done" like a camera or wallpaper app asking for SMS or notification listening privileges.
Read Also: Newly Found Tracking Malware on Android May Be of Russian Origin
How to Protect Yourself from Toll Fraud Malware
According to Microsoft, they had outlined a number of steps to explain to users how to protect themselves from the toll fraud malware.
Users are warned regarding a WIFI connection disabling because this allows the actors to collect data with so much ease via mobile networks. Users are reminded that android never asks for permission in this regard.
According to Digital Information World, the next step would be "the malware makes use of a 'networkcallbak' that displays the current updates on how the network is functioning so that it can bind to a particular target network."
It further cause the device to prevent connecting with WiFi. Thus, users will be prompted to continue using the mobile network. Users may manually turn off their data for mobiles.
According to Microsoft, to protect oneself from being a vulnerable target, you have to make sure your source for making downloads on Android devices is reliable. Therefore, download only from Google Play Store.
Also, when you install, never ignore any permission requests. It is another great way to keep malware risks at a bare minimum. It also works better to protect your privacy.
Lastly, Microsoft warned against those apps that go as far as reading your texts or sending out any messages. The company also warned against those apps that gain access to your phone alerts.
Related Article: Joker Malware in Android: 11 Apps to Avoid in Google Play Store to Prevent Infection
