Android is taking the world by storm, and unfortunately, that means that scammers and hackers are coming along for the ride. Security firm Symantec released new research today detailing the biggest threats faced by Android users, and while most of it is familiar information, there are some fiendishly innovative new forms of malware and other malicious apps that users should be aware of. Chief among them is the "Premium rate number billing scam".
It works like this: users download an app from an untrusted source and manually install it on their Android phone. The phone then covertly calls or texts a premium number that's been specially created for the app. The premium number then uses established carrier billing methods to charge customers' phone bills directly, and they're none the wiser until the billing period is up. For an example of this scheme, check out the malicious QR codes discovered in September.
More traditional forms of malware are on the rise, too, including the kinds of junk you cleared off your grandmother's Pentium III. Familiar schemes like adware and search engine redirects are common, as are straight-up spyware that actively searches for usernames, passwords and banking information. Pay-per-download and pay-per-click apps are common, and are still the kind of thing that savvy users should avoid.
In most cases, you've still got to manually install apps from non-Android Market sources in order to compromise the security of your phone. As a security company Symantec has a vested interest in keeping people wary, but that doesn't mean they're wrong. Remember, on Android as on all operating systems, never install software from a source you don't trust.