Microsoft warns about toll fraud apps on Android

Microsoft security personnels warns people about toll fraud malware apps on Android which is most practised nowadays.

What is toll fraud?

Toll Fraud is also known as international revenue sharing fraud in which the threat actors take advantage of long distance phone communication services.

Moreover, it is a Scheme used by threat actors where they intentionally develop international calls on expensive routes. They make calls on premium rated numbers and later cut the money which is generated from fraudsters.

Additionally, the Microsoft office has revealed that toll frauds are far more complicated and dangerous as compared to other frauds.

However, Microsoft explains that, how the malware apps target specific people and uses numerous codes to hide their original identity.

How do the fraudsters bring their plan to work?

Initially, they confirm target network and steadily they start the subscription without the users permission. But sometimes, even OTP is generated in between procedure.

Moreover, ‘It then suppresses SMS notifications related to the subscription to prevent the user from becoming aware of the fraudulent transaction and unsubscribing from the service’, informs Microsoft.

The following steps which WAP malware follows according to Microsoft include:

1)Disable the Wi-Fi connection or wait for the user to switch to a mobile network

2)Silently navigate to the subscription page

3)Auto-click the subscription button

4)Intercept the OTP

5)Send the OTP to the service provider

6)Cancel the SMS notifications.

What measures to be taken to protect themselves?

One shall use trusted website and links to download applications. It is not recommended to use any random links, apps to get any certain apps.

Initally, it maybe a trap in which you can fall and loose your personal details. Microsoft recommends to install apps from Google Play Store or other trusted services.

Moreover, Google play store have API restrictions to address this issue. The Google notes mentions, ‘If an app allows dynamic code loading and the dynamically loaded code is extracting text messages, it will be classified as a backdoor malware’.