Malware main culprit for mobile ad fraud and airtime theft in South Africa

Malware main culprit for mobile ad fraud and airtime theft in South Africa

Nearly 1.7 million mobile subscribers are infected with mobile malware in South Africa alone, according to full year 2019 data by mobile security expert, Secure-D. According to the company, malware is the main culprit responsible for airtime theft and mobile ad fraud evident in the country with 18,000 instances found on South African users’ devices. Users are urged to be vigilant and take measures.   

Mobile malware can either be downloaded on the device by the user via an app or come pre-installed. Once activated on the device, mobile malware becomes part of a ‘botnet’ (short for robot network) of infected devices. These botnets, networks of malware-infused devices, are being remote-controlled at scale by a ‘bot-herder’.

In the case of mobile ad fraud, the malicious application visits websites, clicks on banner ads and simulates a real person going through a subscription or other Direct Carrier Billing purchase processes. It even overrides a two-step authentication process all the while remaining undetected by the user. The fraudster’s goal is to claim pay-outs from advertisers for bogus traffic.

The result is unsolicited airtime charges with users being able to detect the early signs of a malware infection when they see their mobile data plan being rapidly depleted with no apparent reason.

What is especially tricky about mobile malware is that it continues to operate without raising the suspicions of the user of the device. Tricks include making sure the app functions well even when malware runs in the background or ensuring that excessive battery drain doesn’t occur. Some apps change their name after they have been downloaded or remain totally out of sight i.e. they cannot be found at the homepage of a device with an app icon.

The issue in South Africa

In 2019, Secure-D detected a total of 1.69 million malware-infected devices in South Africa, spanning 18,000 different applications. Secure-D maintains a public global malware list at where the top malware threats in each market is being reported.

Secure-D has been deployed in South Africa since late 2018, with the largest mobile network operators in the country covering 70 million mobile subscribers. According to Secure-D data for 2019, 86% of the mobile transactions processed were fraudulent. During the full year 2019-end of August 2020 period, Secure-D has processed more than 73 million mobile transactions, identifying and blocking a staggering 24,000 malicious apps that had infected over 2 million mobile devices.

To avoid falling victim to unwanted purchases or lose pre-paid credit, Android users in particular should check their phones to see if they have any of the apps flagged as suspicious installed. If so, they should uninstall them immediately and review any new mobile airtime charges for possible fraud.

Head of Secure-D, Geoffrey Cleaves, said: “Malware can be responsible for creating millions of dollars of fraudulent revenue. It impacts consumers’ pockets and mobile service experience by eating up their data, incurring unwanted charges and affecting the performance of their phones. The mobile advertising fraud market is worth more than US$40 billion annually. Dressing up to appear as legitimate and often popular applications, undetected malware damages the industry’s reputation, leaving mobile operators and their customers exposed, picking up the tab.”

In 2019, Secure-D blocked US$2.1 billion worth of fraudulent transactions, improving the end-user experience and building customer loyalty on behalf of operators around the world. 

Click below to share this article

Browse our latest issue

Intelligent CIO Africa

View Magazine Archive