MCP MOBILE MALWARE UPDATE As a leading mobile compliance and fraud specialist company, MCP Insight continually tests and validates potential issues coming from websites or malicious applications. Our objective in this article is to reflect on a recent discovery of a malicious application called “Blood Pressure Tracker App”. The malicious nature of the application enables it…
MCP’s fraud investigations team has noticed app malware activation patterns changing over the last 3 years. MCP identifies suspicious apps promoted to users via advertising seen in its Scanner monitoring tool. These apps are downloaded onto mobile devices to replicate the User experience. To a User, the advert and app look normal. More often than…
A record day in Saudi Arabia yesterday – MCP’s fraud investigations team were kept busy tracking a total of 14 fraud attacks, affecting 14 different services. The spate of payment fraud was triggered from one malicious APK on the Mobily network. The app, Swing Wallpaper, with a 2.4 rating on the Play Store and over…
In February 2020 MCP Insight spoke at an MEF seminar in Barcelona about the rising threat of mobile DCB fraud, and took the decision, with co-panalists from Vene, Boku and Telecoming, to found the MEF Fraud Working Group. The main purpose of the Group is to share intelligence around DCB fraud, educate the market about…
MCP Shield has noted a surge in examples of a novel type of fraud across 9 Geos (see image), where we are seeing IP-shifting in a single transaction. A transaction is initiated from a Digital Ocean Datacentre (pretending to be on a proper ‘gateway’). The events then triggered for this transaction come from a different…
Through MCP Shield, our Fraud Detection and Blocking solution, we can map user interactions against physical human activity making it simple to detect a human versus a bot in Direct Carrier Billing (DCB) consumer journeys. We continue to see large numbers of DCB opt-ins where there is no user interaction on ‘the page to be…
We use intel gathered from MCP Shield (MCP’s proprietary fraud detection and blocking solution), to deconstruct fraud and help our partners understand threats to their security or their customers’ security. In this case, three different devices/servers across three different countries were involved in a single case of fraud, highlighting the vulnerability of unprotected gateways. It…
Our real-time fraud detection and blocking product MCP Shield continues to see large numbers of Direct Carrier Billing (DCB) or Premium (PSMS) opt-ins where there is no user interaction on ‘the page to be protected.’ A number of fraud systems used by Mobile Operators or Aggregators are reliant on behaviour-based bot protection systems. Because these…
You will be aware of Carriers’ worldwide move towards a PIN mechanic in response to increased fraud on the ‘click flow’ mechanic. Additionally, PSA, the UK regulator’s new Special Conditions for subscription services came into effect from 1st November and includes the requirement for a two-stage sign-up process where the first stage requires an opt-in…
MCP Insight have reported an upsurge in Headless Browser usage that enables “Sim-not-present” fraud in multiple territories. A headless browser is a web browser without a graphical user interface. It provides automated control of a webpage in an environment similar to popular web browsers but are executed via a text-based user interface. To understand more about this growing fraud threat and how…