Four harmful apps were recently found to be concealed in the software on Android Google Play by the information security agency. The apps automatically subscribe to expensive services after being downloaded. These fraudulent apps disguise themselves as texting, translation, and health-related apps, and they have been downloaded more than 100k times.
When the user installs and gives permission, the apps will automatically subscribe to high-value services, allowing the user to directly spend money. One won’t realise they’ve been scammed until the telecom bill is received. According to the most recent research report from the information security firm Pradeo, Android has four fraud software programmes codenamed Joker:
1. Smart SMS Messages
2. Blood Pressure Monitor
3. Voice Languages Translator
4. Quick Text SMS
It is also difficult for users to notice any red flags, since 2 of the apps can skip the whole authentication process and actually obtain a one-time SMS password (OTP) by intercepting alerts, reading SMS messages, and taking screenshots. All four of those apps have been taken down and are completely off the Google Play Store (fortunately).
However, we have to keep in mind that if even one can exist, there must be hundreds more of these types of apps out there, just waiting to scam innocent users. Always remember to not authenticate any payments on apps that really shouldn’t be requesting money. You can always find free alternatives. Better safe than sorry!
Android and Google Play users stay safe and be careful with what you download on your phone!
Source: China Press