While the fraud methods used in smartphone applications still affect thousands of users every day, a major statement came out today from Microsoft. The company’s 365 Defender team, known as ‘toll billing’ wireless application protocol (WAP) scam achieved important results.
While researching Android applications, the company shared detailed information about the increasingly popular fraud method. The company, which published a blog post, stated that fraudsters using the said fraud method can target some network operators and that they can hide their malicious activities stated.
Money comes out of your pocket without you knowing it:

According to the information provided by Microsoft, the WAP attack is primarily: It starts with disconnecting Wi-Fi†Later, when the user switches to the mobile network, a subscription page opens in the background and the user buys a paid subscription without their knowledge. After that, the software also interferes with the one-time password and passes the password on to the user. without seeing the message notification to the service provider.
On the other hand, these attacks only happen by targeting users in certain countries and regions. Because according to Microsoft, the software must be installed before this process is started. the country where the user is located and which network operator he/she uses to research.
So how to protect against this attack?
To protect against the attack, Microsoft primarily has: Download from Google Play Store or trusted services. recommends. However, it emphasizes that strong permissions such as SMS permissions should not be given to applications. In other words, protecting against these attacks is largely the responsibility of the user.