By Team Lounge
Listen to this article
In a blog post, Microsoft recently issued a private threat intelligence advisory about malware that might threaten your android device.
One of the most common types of Android malware is toll fraud malware, a subset of billing fraud in which malicious programmes sign users up for premium services without their knowledge or agreement. Toll fraud differs from other types of billing fraud, such as SMS fraud and call fraud, in its methods. To send messages or make calls to a premium number, SMS fraud and phone fraud use a simple attack flow, whereas toll fraud uses a sophisticated multi-step attack flow that malware developers are always working to enhance.
TRENDING STORIES
Also Read: How to protect your phone from malware and cybercriminals
Toll fraud often infiltrates a device via fraudulent subscriptions; it may also fetch premium service offers and initiate subscriptions without the knowledge of the user, force cellular communication, intercept OTPs and suppress notifications to ensure the user remains unaware of the malware.
The malware first drew media attention in 2017, when its first major malware family, Joker, found its way to the Google Play Store. Second only to spyware, it accounted for 34.8% of installed Potentially Harmful Applications (PHA) from the Google Play Store in the first quarter of 2022. Despite all of this focus, there isn't much information revealed on how this particular sort of malware executes its fraudulent activities.
Here are some ways to protect your device from toll fraud
One of the most prevalent types of malware is toll fraud, which mostly causes significant financial loss. Due to its complex cloaking methods, user-side prevention is crucial to maintaining the device's security. To be able to safeguard your device it is important to know the characteristics that can help you identify this family of malware. Microsoft segregated these characteristics into three -
Primary characteristics – patterns in plaintext included in the application that can be analyzed statically
MORE FROM THIS SECTION
view allSecondary characteristics – common API calls used to conduct toll fraud activities and
Tertiary characteristics – patterns in Google Play Store metadata such as the application’s category, the developer’s profile, and user reviews, among others
Also Read: Week in tech: It's farewell to Microsoft's Internet Explorer
In its security advisory, Microsoft also provided a list of things one can do to keep the malware at bay. Here are some of them.
1. Avoid sideloading (installing Android apps from untrusted sources) and always check for device updates as a general rule.
2. Avoid granting SMS permissions, notification listener access, or accessibility access to any applications without a strong understanding of why the application needs it. These are powerful permissions that are not commonly needed.
3. Use a solution such as Microsoft Defender for Endpoint on Android to detect malicious applications.
4. If a device is no longer receiving updates, strongly consider replacing it with a new device.
- FIRST PUBLISHED06.07.2022 | 12:22 PM IST
- TOPICS
- For all the latest Fashion News, Lifestyle News, Food News, Smart Living, Health Tips, and Relationships, only on Mint Lounge.