By
Ted Thornhill
Last updated at 1:29 PM on 7th November 2011
Malware disguised as innocent smartphone apps that secretly send expensive messages are on the increase, warn online security experts.
Fraudsters are planting rogue apps that lurk in the ‘back-end’ of phones and send messages and make calls to their own premium-rate services that do not show up in the ‘sent messages’ folder or ‘call history’.
The messages can cost as much as £6 a go and some malware sends unauthorised texts at a rate of one a minute, warns GetSafeOnline.org, a national internet security initiative
Malware warning: Fraudsters are targeting smartphone users with rogue apps
The first a user is aware of it is when the huge bill lands on their doormat.
Rik Ferguson, director of the cyber security website and of security research at Trend Micro, said: ‘This type of malware is capable of sending a steady stream of text messages to premium rate numbers.
‘In some instances we’ve seen one being sent every minute. With costs of up to £6 per message, this can be extremely lucrative.
‘The user won’t know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device’s “back end” infrastructure. This can often continue for weeks before being noticed.’
Stealth: The first smartphone users know about the malware is when they get their phone bill containing texts and calls to premium-rate services
HOW TO AVOID BEING STUNG BY ROGUE APPS
Getsafeonline.org recommends taking the following steps to avoid nasty phone bills:
1) Always check reviews and ratings as well as developer information before downloading a new app.
2) Malware can cause a lot of surreptitious activity on your phone, so battery performance might be a clue. If your battery suddenly starts draining really fast, consider that it might be a malware problem.
3) Make sure to check your phone bill online periodically – more often than once a month, that way you can keep tabs on any suspicious activity.
Online fraud should be reported to www.actionfraud.org.uk. Web users affected by the ‘premium rate SMS scam’ should also contact PhonepayPlus via www.phonepayplus.org.uk.
The malware often masquerades as a ‘free level’ to a popular and legitimate online game, or even as a security tool.
What’s more, once downloaded, this malware enables fraudsters to take control of the victim’s phone, allowing them to make calls, send and intercept SMS and voicemail messages, and browse and download online content.
This enables them to gain access to all personal and payment data available on the phone – which can then be sold onto and used by identity fraudsters – and to ‘spam’ other mobile web users to commit further fraud.
‘With users now installing and removing apps with increasing frequency, the chance of encountering a rogue app is much higher. Smart phone security, such as anti-virus or anti-malware software, is available but not widely deployed. Soon it will need to be common place’, adds Ferguson.
To make eradicating rogue apps even harder
the fraudsters, once they’ve been found out, simply change the name of
the app and re-upload it, perhaps with a different virus, so providing a
definite list of ‘bad apps’ is virtually impossible.
Print this article
Read later
Email to a friend
Share this article:
Here’s what readers have had to say so far. Why not add your thoughts below,
or debate this issue live on our message boards.
The comments below have not been moderated.
-
Newest -
Oldest -
Best rated -
Worst rated
I agree completely with
Richard..Cheltenham.”What about naming and giving examples of such apps?”
And anon anon..
what a useless article, where are the names of problem apps, how do you stop it?
Report abuse
On android you can get an application to screen applications you add… two that come to mind are Lookout and AVG, available on the AndroidMarket on the phone
The most important thing is when you add an application look at what the application uses, it will say if it is able to access phone calls, texts etc
They cant make these up as to access these things they have to add them to this list or the phone doesnt allow access to do the things.
So if you were getting an alarm clock application and it wants to send texts or make calls, does that make sense? probably not so dont add the app!
Report abuse
what a useless article, where are the names of problem apps, how do you stop it?
Report abuse
What about naming and giving examples of such apps?
Report abuse
The views expressed in the contents above are those of our users and do not necessarily reflect the views of MailOnline.
Article source: http://www.dailymail.co.uk/sciencetech/article-2058523/Smartphone-malware-warning-Rogue-apps-increase.html?ITO=1490
View full post on National Cyber Security » Virus/Malware/Worms