Cyber criminals are sneaky bunch. Don’t believe us? Just look at the rise in toll fraud, a scary new form of mobile malware that could be siphoning money from your wallet without you even realizing it.

The New York Times’ Brian Chen recently wrote an interesting, and frightening, story about this type of mobile malware. The story provides yet more evidence that though most cyber criminals are still focusing on PCs, a growing, and clever, group of them are turning their evil attentions to the growing smartphone and mobile device markets.

Toll fraud

Toll fraud is, as Chen writes, the most common form of malware targeted at Android devices. In toll fraud, cyber criminals snatch small amounts of money from smartphone owners by making secret charges to their phone bills.

Chen quotes a report published by mobile security company Lookout showing that toll fraud has the potential to trick a large number of smartphone owners. That’s because so many owners don’t carefully study their phone bills each month.

Because of this, they are likely to miss the small charges that toll fraud attacks levy.

A complex process

According to Chen’s story, toll fraud happens when smartphone users first download a malicious app that invisibly sends a text message to a service that uses a middleman service that has an existing relationship to the author of the malware.

A confirmation message is sent to the malware, which blocks it from the view of the smartphone owner. This message, of course, confirms the small charge to the user’s phone bill.

Once this undetected charge goes to the smartphone owner’s bill, the carrier takes its portion of the charge and gives the rest of the money to the service and the middleman. This means that the malware author eventually receives a piece of the charge.

A growing problem

Chen’s story quotes Lookout estimates that from the beginning of 2012 to the end of 2013, a total of 18 million users of Android devices might encounter malware. Lookout also reported that about 72 percent of the malware that found this year was of the toll-fraud variety.

What do these numbers mean? Only that smartphone users must be more cautious than ever. Cyber criminals haven’t yet descended on smart phones and mobile devices. But that day may soon arrive.

Read more at the New York Times:http://kbit.co/toll-fraud