Google recently removed 151 SMS apps from its Play Store. These apps are disguised as keyboards, camera filters, and other popular utility apps. As part of the UltimaSMS campaign, these apps sign users up for expensive premium SMS services. The fraudulent apps were discovered by cybersecurity company Avast; 82 of them were found on the Play Store. The Avast report states that these apps have been downloaded over 10.5 million times around the world and were almost identical in structure and functionality. Here's how these apps work, how they steal users' money, and other details.
These apps are disguised as photo editors, camera filters, games and other apps
If you think these apps present themselves as SMS apps, you are wrong. These scam apps fall into a wide range of categories such as custom keyboards, QR code scanners, video and photo editors, unwanted call blockers, camera filters, and games, among others. Many of these apps are also advertised on Instagram and TikTok.
All applications are largely identical in structure
The discovered applications have an identical structure, which means that the same basic application structure is reused multiple times. These copies are disguised as genuine apps via well-constructed app profiles on the Google Play Store. On closer inspection, they have generic privacy policy statements and feature basic developer profiles, including generic email addresses.
Secret access to Android user data including location and phone IMEI number
When a user installs any of these 151 apps, the app checks their location, International Mobile Equipment Identity (IMEI), and phone number. This information is then used to determine which country, area code and language to use to fool the user.
User's cell phone number and email address stolen to access their phone
When a user opens the downloaded application, a screen prompts them to enter their phone number and, in some cases, their email address to access the advertised purpose of the application.
These apps subscribe users to premium SMS service without their consent / knowledge
By entering the requested information, the user is automatically subscribed to premium SMS services. The cost of these services can go up to $40 (around Rs 3,000) per month depending on the country and the mobile operator.
The affected user may or may not receive a notification regarding these charges.
While some apps include fine print and the charges may be reflected in the final phone bill, others may not even do that. This means that many people who have submitted their phone numbers in the apps may not even realize that the money is being deducted from their linked financial accounts.
Users continue to be charged for the subscription even after uninstalling the app
Once a user is subscribed, the premium SMS services continue to charge money to the user's account. Uninstalling the app may not help, as the fees continue to be deducted.
These scam SMS apps fooled users in over 80 countries
According to Avast, these apps were mostly downloaded by users in the United Arab Emirates, Egypt, Saudi Arabia, Pakistan, the United States and Poland. It is possible that some users in India have downloaded them as well.