Follow us

Avast detects "Ultima SMS," a global premium SMS scam campaign

A campaign of premium SMS scam applications is dubbed as Ultima SMS by Avast. They have discovered more than 150 applications on the Google play store

Published: October 26, 2021 By Ozair Malik

Google Play Store where scam applications have been detected

Image source – pixabay.com

How do Users get scammed by Ultima SMS?

Avast, a global leading digital security and privacy organization, announced today the identification of more than 150 premium SMS scam applications as part of that campaign.

The layout and operation of these apps are substantially identical; they are essentially duplicates of the same fraudulent app that was used to distribute the premium SMS scam campaign.

Because one of the first programs I discovered was called Ultima Keyboard 3D Pro, I named the campaign Ultima SMS."

JAKUB VÁVRA - Threat Operations Analyst

When a user downloads one of the apps, it scans their location, IMEI, and phone number to figure out which country, area, code, and language to use for the fraud.

When a user first launches the app, the Lock screen requires them to input their phone number and, in some circumstances, their email address to obtain access to the program's intended purpose.

The apps are essentially identical in structure and functioning, and depending on their location and mobile provider, they can cost victims upwards of $40 each month if they are not rewarded in any way. Over 80 apps were still available for download on the Google Play Store last week.

Ultima SMS app GUI

Image source – avast.com

Premium Scam Apps

One of those apps could be a photo editor, camera filter, game, or other programs. Custom keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and games, among different categories, are among the fake apps they discovered.

Ultima SMS appears to be a global campaign, as the apps have been downloaded by users from over 80 countries, according to Sensor Tower, a mobile app marketing intelligence and insights company. Those in the Middle East, such as Egypt, Saudi Arabia, and Pakistan, have downloaded the most apps, followed by users in the United States and Poland.

Last week, the Avast security team reported 80 apps to Google's Security Team as part of a premium SMS scam campaign. Victims are signed up for expensive premium SMS services that earn a bad actor or actors' money while leaving victims entirely empty-handed.

 As a result, they were quickly removed from the Google Play Store. The apps found by the security team are part of the Ultima SMS campaign, which includes 151 apps that were once available for download on the Google Play Store.

The complete list of the Ultima SMS apps Avast discovered can be found at File Finder GitHub.

Ultima SMS app reviews on play store

Image source – avast.com

Instagram and Tik Tok are used for their advertisement

According to Sensor Tower data, the apps were marketed via adverts on social media networks like Tik Tok and Instagram. Users were primarily from the Middle East, but users from the United States and Poland were too.

Ultima SMS app downloads table

Image source – avast.com

More than 10.5 million people have downloaded these apps.

How to avoid the threat

Ultima SMS campaign is not identical but very close to Fleeceware-Apps principles.

We have collected a few Don’ts to protect yourself from fraudulent applications:

  • Don’t download apps with any bad reviews as well as lousy reviews' evidence or screenshots.
  • Don’t trust apps from unknown developers with no contact data.
  • Don’t trust apps, which are requiring your phone number or email for registration for no reason.

Please note that significant technology companies already provide most essential tools and utilities for free, such as emojis, selfie filters, and QR code scanners.

Cooltechzone news team

Tags: 
News
Author
Ozair Malik
A passionate Cyber Security researcher and writer with a keen interest in Digital Forensics. A community worker running a insta blog to raise cybersecurity awareness among laymen.

Leave a comment

click to select