Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
UK premium rate phone services regulator PhonepayPlus has fined a Russian company £50,000 for distributing a malicious Android app that charged victims without their consent.
"The company, Connect Ltd, trading as SMSBill, created an application for Android phones that provided access to games," BBC News reports. "When the application was installed, a text message was also sent from the phone to a premium-rate number. The phone owner was then charged £10 for an auto-reply message."
"In an adjudication, published on the regulator’s website, PhonepayPlus confirmed that consumers had spent up to £250,000 on app downloads," writes IT PRO's Caroline Donnelly. "The organisation also confirmed that Connect Ltd’s actions had breached four parts of its code of conduct by taking payments without consent, misleading users and for not clearly stating what they would be charged."
"PhonepayPlus said that the service provided by the Android app 'had the sole purpose of generating high revenue and did so through recklessly misleading promotion and design,'" writes Sophos' Graham Cluley. "Connect Ltd was also criticised for appearing 'to have no regard to the Code and/or Guidance,' and failure to co-operate with the investigation in a prompt or adequate manner."
"The UK watchdog has ordered that customers will be credited on their next mobile phone bill and refunds must be offered within three months," writes ZDNet's Charlie Osborne. "If the number is no longer in use, then the refund will go to charity."
"In addition to the fines and the order for compensation, Connect was formally reprimanded and can now operate only under PhonepayPlus's supervision," writes The Telegraph's Richard Evans.