In February this year, SophosLabs discovered a malicious Facebook link that led to malware being downloaded onto Android smartphones. While posing as a conduit to popular games, the link was coded to send an SMS message which subscribed the phone to an expensive premium rate service.
Spurred on by this discovery, PhonepayPlus – the regulatory body for all premium rate phone-paid services in the UK – investigated who was behind the phone numbers and discovered that the company, a Moscow-based firm whose name translates as Connect Ltd, trading as SMSBill, had made “very serious” breaches of the PhonepayPlus Code of Practice. In total, consumers are said to have spent between £100,000 and £250,000 on this service. As a result, PhonepayPlus has ordered Connect Ltd to pay a fine of £50,000 and a refund to all consumers who used this service, whether or not they have claimed a refund.
“The sending of expensive SMS messages is one of the most common ways in which smartphone malware attempts to earn revenue from its victims,” said Graham Cluley, senior technology consultant at Sophos. “People are rarely vigilant about reading terms and conditions, which might give a clue to the kind of service they’re signing up to. That said, in this case users were told that the fee would be less than it actually was. Always be careful about what apps you install, and – in the case of Android apps – be sure to check that you are happy with the permissions the app requests at installation.”