While the fraud methods used in smartphone applications continue to affect thousands of users every day, an important statement came from Microsoft today. The company’s 365 Defender Team has caught significant results on wireless application protocol (WAP) fraud, known as ‘toll billing’.
Examining Android applications, the company shared a detailed information about the increasingly popular fraud method. The company, which published a blog post, stated that with the said scam method, scammers can target some network operators and hide their malicious activities.
Money comes out of your pocket without your knowledge:
According to the information provided by Microsoft, the WAP attack first starts with the disconnection of Wi-Fi. Later, when the user switches to the mobile network, a subscription page opens in the background and the user buys a paid subscription without his knowledge. After that, the software also interferes with the one-time password and sends the password to the service provider without the user seeing the message notification.
On the other hand, these attacks only occur by targeting users in certain countries and regions. Because, according to Microsoft, the software examines the country where the user is located and which network operator they use before starting this process.
So how to protect from this attack?
Microsoft recommends downloading apps from the Google Play Store or trusted services first to protect yourself from the attack. However, it emphasizes that strong permissions such as SMS permissions should not be given to applications. In other words, protecting from these attacks is largely the responsibility of the user.