Heads Up: New Android ‘Ultima SMS’ Subscription Scam

151 isn’t the biggest number in the world, but it’s not the smallest either. 10.5 million? That’s a big number indeed and where we are going with this is that there in an ongoing fraud campaign making its way around the web right now called Ultima SMS that people should be made aware of given the sheer scale of it and just how many people could be affected. 151 is the number of Android apps that this campaign has been identified with (so far) and that 10.5 million figure is the number of times those specific apps have been downloaded.

Most malware is much more deliberately malicious, but that’s not to take away from the seriousness of Ultima SMS and why people should be made aware of it (and why we’re choosing to make it our subject this week). Here at 4GoodHosting we’re like any good Canadian web hosting provider in that we know that people don’t like surprises when they’re the type that end up costing them more money. That’s what makes the Ultima SMS subscription scam so noteworthy – it upgrades users to premium subscription memberships without them being aware of it.

Now the question obviously becomes what would be their gain in doing this. They get a cut from the monies gained by increasing subscription rates involuntarily. Instead let’s look at those very newsworthy scam, as security concerns related to apps downloaded 10+ million times definitely makes it newsworthy.

Gone – Just Not Quickly Enough

The good news here is that Google wasted no time in removing the apps, but those multi-million downloads have worked out to millions of dollars in fraudulent subscription charges already. The way they drew unsuspecting users to the bait was with discount apps, games, custom keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and more.

Once one of the affected apps was launched for the first time and using mobile data, the location and IMEI is changed to match the language of the country. The app would then prompt the user to enter their mobile phone number and email address to become aware of the program’s features and gain access to them.

Then once the phone number is obtained along with the required permissions, the app proceeds to subscribe the victim to a $40 per month SMS service. And, as mentioned, the scammers get a cut as an affiliate partner. It’s also recently been determined that the app authors have put into place a system that hits the victim with the maximum charge amount based on their location.

The sheer volume of submissions is what’s making this work, as apparently many of the apps and their ‘offerings’ aren’t particularly good in the first place. The aim is to have a constant inflow of unsuspecting victims and preserving their presence on the Play Store despite the constant reporting and take-down actions.

Some Spots Worse

Not surprisingly, it’s not a scenario where the entire world is being affected by this equally. The countries that are currently most affected by the Ultima SMS scam are:

  • Egypt
  • Saudi Arabia
  • Pakistan
  • UAE

So while we can safely assume there’s a whole lot of unwanted premium subscriptions going on in the Middle East and moving into South Asia, it’s also estimated that nearly 200,000 devices are affected in North America.

Uninstalling the app will prevent new subscriptions from being made. However, it will not prevent the existing subscription from being charged again. This is where the hang-up is, you need to contact your carrier and ask for a cancellation of all SMS subscriptions.

Best Avoidance Practices

Falling victim to this kind of stuff can happen to anyone, and if it does you’ll be best to smarten up regarding avoiding online pitfalls like this one. Here is what industry experts say are best practices for doing that:

151 isn’t the biggest number in the world, but it’s not the smallest either. 10.5 million? That’s a big number indeed and where we are going with this is that there in an ongoing fraud campaign making its way around the web right now called Ultima SMS that people should be made aware of given the sheer scale of it and just how many people could be affected. 151 is the number of Android apps that this campaign has been identified with (so far) and that 10.5 million figure is the number of times those specific apps have been downloaded.

Most malware is much more deliberately malicious, but that’s not to take away from the seriousness of Ultima SMS and why people should be made aware of it (and why we’re choosing to make it our subject this week). Here at 4GoodHosting we’re like any good Canadian web hosting provider in that we know that people don’t like surprises when they’re the type that end up costing them more money. That’s what makes the Ultima SMS subscription scam so noteworthy – it upgrades users to premium subscription memberships without them being aware of it.

Now the question obviously becomes what would be their gain in doing this. They get a cut from the monies gained by increasing subscription rates involuntarily. Instead let’s look at those very newsworthy scam, as security concerns related to apps downloaded 10+ million times definitely makes it newsworthy.

Gone – Just Not Quickly Enough

The good news here is that Google wasted no time in removing the apps, but those multi-million downloads have worked out to millions of dollars in fraudulent subscription charges already. The way they drew unsuspecting users to the bait was with discount apps, games, custom keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and more.

Once one of the affected apps was launched for the first time and using mobile data, the location and IMEI is changed to match the language of the country. The app would then prompt the user to enter their mobile phone number and email address to become aware of the program’s features and gain access to them.

Then once the phone number is obtained along with the required permissions, the app proceeds to subscribe the victim to a $40 per month SMS service. And, as mentioned, the scammers get a cut as an affiliate partner. It’s also recently been determined that the app authors have put into place a system that hits the victim with the maximum charge amount based on their location.

The sheer volume of submissions is what’s making this work, as apparently many of the apps and their ‘offerings’ aren’t particularly good in the first place. The aim is to have a constant inflow of unsuspecting victims and preserving their presence on the Play Store despite the constant reporting and take-down actions.

Some Spots Worse

Not surprisingly, it’s not a scenario where the entire world is being affected by this equally. The countries that are currently most affected by the Ultima SMS scam are:

  • Egypt
  • Saudi Arabia
  • Pakistan
  • UAE

So while we can safely assume there’s a whole lot of unwanted premium subscriptions going on in the Middle East and moving into South Asia, it’s also estimated that nearly 200,000 devices are affected in North America.

Uninstalling the app will prevent new subscriptions from being made. However, it will not prevent the existing subscription from being charged again. This is where the hang-up is, you need to contact your carrier and ask for a cancellation of all SMS subscriptions.

Best Avoidance Practices

Falling victim to this kind of stuff can happen to anyone, and if it does you’ll be best to smarten up regarding avoiding online pitfalls like this one. Here is what industry experts say are best practices for doing that:

  • Stay vigilant – be wary of apps advertised in short and catchy videos
  • Disable premium SMS options with your carrier – by doing this you’ll be well defended against anything similar, and this is a really smart move in general if your children handle your device from time to time
  • Check reviews – written reviews may reveal the true purpose of an app
  • Hold off on entering your phone number – if you don’t trust an app you should choose to not share personal details with it
  • Go over fine print – it is helpful to know that legitimate apps almost always have a Terms of Service and a Privacy Policy, as well as a statement about how user submitted information will be used
  • Use Official App Stores only  – As mentioned, the offending apps are no longer on the Google Play Store, but you can be sure they’re still able to be found elsewhere

Post Navigation