Android phishing threats have evolved into a sophisticated menace targeting users through malicious applications, according to new research. Malwarebytes’ 2025 State of Malware report identified over 22,800 phishing apps on Android devices, marking a significant shift from traditional email-based phishing tactics. The surge follows Google’s earlier efforts to block over 2.36 million malicious apps throughout 2024.
The malicious applications often masquerade as popular services including TikTok, Spotify, and WhatsApp. Some appear as ordinary video games or utilities that ask users to connect their social media accounts for functionality, a deceptive method used to harvest login credentials. To avoid detection by Google Play’s security protocols, many of these apps are distributed through alternative app stores. The pattern matches recent incidents like the FireScam malware that impersonated the Telegram messaging app to collect user data.
A notable category of these threats includes ad-serving applications that contain no password-stealing code directly within the app. Instead, they display advertisements that redirect users to external phishing websites when clicked, making them more difficult to detect and enabling their presence on legitimate app stores. The technique has become increasingly common as cybercriminals adapt to enhanced app store security measures.
The Indian Computer Emergency Response Team (CERT-In) has identified multiple vulnerabilities affecting Android versions 12, 12L, 13, 14, and 15. The security flaws could potentially allow unauthorized access and code execution on affected devices, compounding the risks posed by malicious applications.
The threat landscape extends beyond traditional phishing methods, with artificial intelligence now being employed to create sophisticated phishing attempts. Recent data indicates that AI-powered attacks have impacted 96 percent of organizations in 2024. In response, Google has implemented enhanced security measures, including advanced AI models for Gmail that have improved spam blocking by 20 percent and reduced unauthorized emails by 65 percent, preventing 265 billion unwanted messages annually.
Security experts recommend several protective measures for Android users, including regular system updates, avoiding app installations from untrusted sources, enabling Google Play Protect, and maintaining vigilance against phishing attempts. The FBI and CISA have also recently warned users about the vulnerabilities in SMS-based two-factor authentication, recommending stronger authentication methods to protect against these evolving threats.
Sources: Malwarebytes Blog, Moneycontrol, Digital One Agency, Economic Times