Date: 2021-10-28

About 150 highly downloaded apps from the Google Play Store may contain Premium SMS scams. The discovery was disclosed last Monday (25) by Avast, a developer of digital security solutions. According to the company, the apps were designed to trick users and subscribe them to Premium SMS services without consent. Altogether, the programs total more than 10 million downloads, causing losses of more than US$ 40 (approximately R$ 223, in direct conversion) monthly for each victim.

According to the report, the apps disguised themselves as common programs such as photo and video editors, custom keyboards, QR Code scanners, call blockers and camera filters. Furthermore, according to mobile marketing consultancy SensorTower, which also mapped the apps, they were promoted through ads on social networks such as TikTok, Instagram and Facebook, and were downloaded in more than 80 countries. Most downloads took place in regions of the Middle East, the United States and Poland.

Apps from the Google Play Store with more than 10 million downloads may contain a scam — Photo: Rodrigo Fernandes/TechTudo

Avast named the fraudulent campaign “UltimaSMS” and tracked the apps until May 2021. According to the company, new samples of the apps were released in early October, indicating that the scam is still underway. Last week, more than 80 apps were still available for download from the Play Store. The company says it reported the programs to Google’s security team, which reportedly resulted in the apps being removed from the store.

Ad displayed on Facebook shows an app used in the scams — Photo: Disclosure/Avast

Once installed, the apps check the phone's location and IMEI number, then ask the user to enter a phone number or e-mail address to complete a supposed registration that unlocks the app. In reality, however, this information serves to identify the victim’s location and determine the language that will be used in the fraudulent texts.

After sharing personal data in the fictitious registration, the user is subscribed without consent to a Premium SMS service, which starts to make weekly charges. The amounts taken can reach more than US$ 40 per month (about R$ 223, in direct conversion), depending on the country and the operator.

Once the fake registration is complete and the victim is subscribed, the apps do not provide the promised features. Instead, they offer other options to subscribe to SMS services or simply stop working.

Application requests the user's personal data to register them in a Premium SMS service — Photo: Disclosure/Avast

Some of the identified apps do disclose the SMS subscription, placing the information in the terms of use, in the famous “fine print” inside the app. However, most do not reveal their true intent, so many people do not even realize they are being charged.

According to Avast, all the applications have an identical structure and functionality, which may indicate that most of them were developed by a single actor or the same group of scammers.

“Apps are disguised as genuine apps through well-designed app profiles in the Play Store. These profiles feature captivating photos, well-written descriptions, and typically have high ratings. However, on closer inspection, they have generic privacy policy statements, they present basic developer profiles, including generic email addresses,” explains Avast Threats Analyst Jakub Vávra.

The Avast specialist recommends that users carefully check the origin of the apps before downloading, checking the ratings and comments left by other users of the store. “Despite having high rating averages, many [apps] have numerous negative user reviews, which correctly identified the apps as scam or cheated. Bad written reviews often serve as a warning,” says Jakub.

He also advises users to disable Premium SMS options with their telephone operators unless they are really necessary. Another recommendation is to avoid entering personal information, such as a phone number or email, in suspicious applications, and not to download programs from unofficial stores. “Many of the apps discovered by Avast are still available for download outside the Play Store,” warns the expert.

With information from Avast