Hackers setting up rogue pop-up-ads for website payments

Christopher Boyd, malware intelligence analyst at Malwarebytes, warns that some websites may be taking advantage of payment designs in a bizarre way, resulting in unwanted charges for angry mobile phone users.

Hackers achieve the charges by a basic method. Sites related to the charges place paid advertising on ad networks. The ads redirect visitors from the original site to their own, normally as a new tab or window. The soon-to-be-billed people might find themselves in between a few ad network URLs prior to arriving at their final destination. 

The final destination may take the form of a difficult-to-close quiz popup, video, or a blank page closed before any content could load. Finally, the payment for 'services' is applied to the mobile network operator, passing the charge on to the customer.

The redirects send people to 'one time use' URLs and advert placement is random.

To avoid this from happening, install an ad blocker or other security software on your phone and have your mobile operator block premium services. If you feel you were hit by an accidental or unfair charge, contact the premium rate services regulator. 

Sign up to our newsletters