NAT 191211 Anti-fraud mobile protection-1576066439073
Image Credit:

Dubai: Android users in the UAE have been warned against unwanted paid subscriptions of some apps after users reportedly fell victims to the scam.

The warning came from Empello, an anti-fraud service with offices in the UAE, UK and Brazil. Empello said in a news release on Wednesday that it had recently detected three apps with malware embedded that subscribe the phone users to costly value-added services.

Which are the apps?

All three are wallpaper apps: Ladder Wallpaper (com.tiezi.ladder.wallpapers), Boom Wallpaper (com.waurter.boomboom.wallp) and Graft Wallpaper (com.graft.allpaper).

Users who downloaded these apps were automatically signed up to premium content without their prior consent or knowledge, Empello said.

The apps, which have had more than 100,000 downloads, are taking advantage of Android vulnerabilities, allowing scammers to defraud users of over Dh1,000 per year, according to Empello. The apps were on Google Play until October and remain available on independent app download sites.

“Despite tougher government regulation, bot-blocking technology and increased consumer awareness, unwanted purchases are still being discovered at a higher frequency in UAE than any other market,” said Jeremy Flynn, Co-Founder and Director, Empello Ltd and Empello LLC.

How the scam works?

“Our research shows how scammers have adapted their tactics to keep ahead of the roadblocks placed in front of them. Consumers are meant to be protected from unwanted subscriptions by a One Time Password [OTP] in the sign-up process, but the latest malware reads the OTP to complete the subscription. Consumers using UAE mobile networks were victims.”

What can be done?

Empello’s advice to UAE users is first to check if they have downloaded one of these three apps. To reduce the risk of getting an infected app, only download apps from Google Play store, it said.

“This is not a totally safe store, so read the reviews before downloading, and never complete the installation of an app that seeks permission to read or write SMS,” Empello cautioned.

“UAE has the highest percentage of smartphone penetration in the world, with 8.75 million mobile internet users. With safe public and fair judiciary reported as one of UAE’s national priorities for 2021, it is becoming increasingly important for operators in both the private and public sectors to act on this now. At Empello, we are committed to working with organisations in this sector to support UAE’s government efforts to build a safe digital community in the UAE,” added Flynn.

Empello has operated a threat detection monitoring network since 2012, which is “now the largest of its kind worldwide”. Empello uses its network to test constantly for unauthorised payments, and then update its fraud-blocking technology to stop the latest attacks.