How to protect yourself from phone fraud (toll fraud) on Android

Toll fraud malware can wreak serious havoc on your budget by signing up for paid services through your carrier. Here’s how to spot them and prevent them.

It is well known that old Android smartphones pose security risks, but a study by the Microsoft 365 Defender Research Team shows precisely how vulnerable these devices are to a particular type of attack: phone fraud, better known as “toll fraud”.

Toll fraud malware hides in apps that seem completely innocent and subscribes users, without their knowledge, to paid services billed through their carrier. The victims end up paying for completely useless services, which can cost several hundred euros, or even more, per year.

Microsoft’s research shows that devices running Android 9 or older are most at risk from such attacks, but we’ve seen similar flaws on newer versions of Android. Worse still, the attackers are constantly evolving their techniques, allowing malicious apps to bypass Google Play’s security measures. This means that there could be many apps infected with such toll fraud malware (and other malware, for that matter) in the Google Play Store catalog. This is why it is important for all Android users to know how to spot this scam before it really is too late.

What is toll fraud?

Microsoft explains in detail how this kind of scam works; in short, the most common attack is carried out in three stages.

First, the user downloads an app from Google Play or a third-party distributor. Once the app is installed, it updates itself with malicious code, code that would normally have been caught by Google Play’s security checks had it been present when the app was submitted.

Once updated, the app initiates the second phase, which involves several steps, such as presenting fake login pages and using Wireless Application Protocol (WAP) billing to sign the user up for unsolicited services. (WAP billing is a completely legitimate mechanism that apps use to charge users for services through their carrier rather than through a payment card or another payment method.)

Since WAP billing requires a cellular connection, the rogue app often waits until the infected device is using mobile data rather than Wi-Fi. Some of these apps can even force the phone onto mobile data, even when Wi-Fi is available.

In the last stage of the attack, the application intercepts and blocks the confirmation SMS, of the kind you would receive after knowingly subscribing to a legitimate service, so that you do not notice that something is wrong until you check your next mobile bill.

These kinds of attacks take place in the background, which makes them very difficult to prevent. The Microsoft research team highlights several avenues that Google could explore to further improve its security measures and thus limit the risks of toll fraud and similar malware, but there are still a few measures you can follow to protect yourself.

The most important measure, as is often the case, is to keep your devices up to date with the latest available Android version and all security patches. As mentioned above, devices running Android 9 or earlier are most at risk. If possible, update to Android 10 or newer and install the latest security patches.

Of course, this isn’t always possible, any more than buying a newer phone is. And since these attacks sometimes occur on newer versions of Android as well, even then you are not necessarily safe.

This is why you should always take the time to study an application (its quality, its legitimacy, etc.) before installing it. Read reviews (not just the best ones), search the web for the app, and only download it from a trusted source. Similarly, installing anti-malware software can allow you to intercept a malicious app before it’s too late.

That being said, many malicious apps seem perfectly legitimate. Even after installation, you can look for warning signs, among them:

  • Login pages that require a link to an email or social network account.
  • Unnecessary permissions.
  • Requests to install additional apps or updates that are not from the Google Play Store.

This list is not exhaustive, but these are common indicators that an app is insecure.
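As an added, defender-side example that is not part of the article or of Microsoft’s research: the script below triages a decoded AndroidManifest.xml for the warning signs discussed above, namely permissions a simple app has no reason to request and a receiver registered for incoming SMS, and maps each hit to the attack stage it would support (sideloading extra code, forcing mobile data for WAP billing, intercepting the confirmation SMS). The two manifests it inspects are constructed for illustration and do not correspond to any real app, and the grouping of permissions by stage is my own assumption, not a list taken from the page.

```python
"""Static triage of a decoded AndroidManifest.xml for toll-fraud indicators.

Added example: the manifests below are constructed for illustration only;
the stage-to-permission mapping is an assumption made here for triage.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample: a "wallpaper" app that asks for SMS and network-switching
# permissions, can install further packages, and registers a high-priority
# receiver for incoming SMS. None of this is needed to show wallpapers.
SUSPICIOUS_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application android:label="Cool Wallpapers">
    <receiver android:name=".SmsWatcher" android:exported="true">
      <intent-filter android:priority="999">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

# Constructed sample: the same kind of app asking only for network access.
BENIGN_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Cool Wallpapers"/>
</manifest>
"""

# Assumed mapping (not from the article): permissions a simple utility app does
# not need, grouped by the stage of the attack they would support.
STAGE_PERMISSIONS = {
    "sideload extra code (stage 1)": {
        "android.permission.REQUEST_INSTALL_PACKAGES",
    },
    "force mobile data for WAP billing (stage 2)": {
        "android.permission.CHANGE_NETWORK_STATE",
        "android.permission.CHANGE_WIFI_STATE",
    },
    "intercept confirmation SMS (stage 3)": {
        "android.permission.RECEIVE_SMS",
        "android.permission.READ_SMS",
    },
}

SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"


def _attr(elem, name):
    """Read an attribute from the android: namespace, e.g. android:name."""
    return elem.get(f"{{{ANDROID_NS}}}{name}")


def requested_permissions(root):
    """Set of permission names declared with <uses-permission>."""
    return {_attr(p, "name") for p in root.iter("uses-permission")}


def sms_receivers(root):
    """(receiver name, filter priority) for every receiver listening for SMS_RECEIVED."""
    found = []
    for recv in root.iter("receiver"):
        for filt in recv.iter("intent-filter"):
            actions = {_attr(a, "name") for a in filt.iter("action")}
            if SMS_RECEIVED in actions:
                found.append((_attr(recv, "name"), int(_attr(filt, "priority") or 0)))
    return found


def triage(manifest_xml, declared_purpose="wallpaper app"):
    """Return human-readable findings, one per indicator, for a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = requested_permissions(root)
    findings = []
    for stage, needed in STAGE_PERMISSIONS.items():
        hit = sorted(perms & needed)
        if hit:
            findings.append(f"{stage}: {', '.join(hit)} not needed by a {declared_purpose}")
    for name, prio in sms_receivers(root):
        findings.append(
            f"intercept confirmation SMS (stage 3): receiver {name} "
            f"listens for SMS_RECEIVED with priority {prio}"
        )
    return findings


def is_suspicious(manifest_xml):
    """Flag a manifest when indicators from at least two distinct checks line up."""
    return len(triage(manifest_xml)) >= 2


if __name__ == "__main__":
    for label, xml in (("suspicious", SUSPICIOUS_MANIFEST), ("benign", BENIGN_MANIFEST)):
        print(f"[{label}] suspicious={is_suspicious(xml)}")
        for line in triage(xml):
            print("  -", line)
```

The check works on a decoded manifest (for example the output of an APK decoding tool), since the manifest inside an APK is stored in a binary XML form. A single unexpected permission is only a hint; the combination of SMS access, the ability to change the network state, and a receiver for incoming SMS in an app whose stated purpose needs none of them is what makes the pattern worth escalating.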
