Phonepayplus stops rogue Angry Birds apps ripping off consumers

Phonepayplus, the regulator of premium phone lines, has suspended a UK company responsible for a payment system taking money through rogue Android apps.

A1 Agregator Limited made up to £27,850 from UK mobile users using rogue Angry Birds, Assassins Creed and Cut the Rope apps. The RuFraud attack affected 1,391 mobile numbers in the UK before the shortcode was suspended.

People who had downloaded the fake apps were charged up to £15 each time they tried to access the app usually because the malware sent and received text messages costing £5 each.

On average people lost around £80, said Phonepayplus. However, because the Trojan suppressed the sent and received texts, consumers were only aware of the problem after they had received their bill.

The company will now have to refund UK consumers within three months. Phonepayplus said it was aware many people may not realise they had been scammed, or may feel they can't do anything about it.

The regulator said it will know if the victims of the scam have been refunded by A1 Agregator.

The UK premium rate regulator also fined the company £50,000 and it will have to seek prior permission for a year before it can run any premium rate service in the UK.

Patrick Guthrie, Phonepayplus's director of Strategy and Communications said: "We will continue to clamp down on those who wish to take advantage of UK smartphone customers. We are very pleased that the tribunal ordered that everyone affected will get their money back and that a strong fine was imposed.

"The digital economy is vital to the UK's future and we will continue to take action to maintain the confidence of the public."

Fake Android apps are a continuing problem, especially for Android uses. David Emm, senior security researcher at Kaspersky Lab, said: "This development highlights a growing danger – the threat from mobile malware.

"The mobile threat landscape is dominated by malware designed to run on Android – 65 per cent of all threats are aimed at this platform. The platform is popular, it's easy to write apps for it and it's easy to distribute them via Google Play – so it's little wonder that cybercriminals are making use of Google Play, where malware masquerades as a legitimate app."