Microsoft has warned Android users about spyware that secretly buys premium subscription services online. Researchers from Microsoft have described how a “toll fraud malware” targets Android users and their devices in a paper.
The infection falls under the subcategory of billing scams, when unscrupulous users secretly enroll to premium services, according to researchers Dimitrios Valsamaras and Song Shin Jung. It is one of the most common kinds of Android malware, according to the survey. Toll fraud uses the Wireless Application Protocol (WAP), which charges the purchase to the user’s phone bill, rather than SMS or calls to operate. It does not function over Wi-Fi, and malware apps frequently attempt to disconnect you from Wi-Fi before forcing you to use a cellular network.
According to Microsoft, the unauthorized subscription begins when the user initiates a connection with the service provider over a cellular network. The user is sent to the website that offers the subscription service once they have connected to the network. Sometimes a one-time password (OTP) is needed to validate your identity, however malevolent apps have a technique of disguising the OTP.
According to Microsoft’s study, a subscription is deemed fraudulent if it is initiated without the user’s permission. Here are the actions a toll scam software takes to sign you up for undesirable services.
- Turn off Wi-Fi or wait until the user switches to cellular data.
- Go to the subscription page directly.
- click the subscribe button instantly
- Intercept the OTP (if applicable)
- OTP to be sent to the service provider.
- Reject SMS messages (if applicable)
Prior to taking these actions, however, the virus uses MCCs (mobile country codes) and MNCs to determine the subscriber’s nation and mobile network (mobile network codes). This is done in order to target users in a certain nation or region.
For more such updates, keep reading Techinnews
