Android users are no strangers to the threat of fake apps and malicious malware. However, security experts are now sounding the alarm over a significant surge in scams and attacks targeting these popular devices.

According to the team at Malwarebytes, there has been a sharp uptick in Android threats since the beginning of 2025, with an alarming 151% increase over the past few months. One of the most notable increases is in SMS-based malware, which uses text messages to deceive unsuspecting users.

Smishing (SMS phishing) has also rapidly become a highly effective tool for attackers. Criminals are now utilizing AI-generated texts, making it quicker to launch attacks and more difficult for users to identify them.

Other escalating threats include Banking Trojans and spyware, which are now surpassing traditional annoyances like adware and riskware, reports the Mirror. The sophistication level of cybercriminals is also evolving.

“Threat actors are actively distributing malware through both official and unofficial app channels, often cloaking malicious apps behind layers of legitimacy,” explained Malwarebytes. “Fake financial tools, predatory loan apps, and cleverly disguised ‘updates’ aren’t just slipping through the cracks, they are being engineered with that objective in mind.”

One of the reasons why Android continues to be such a popular platform for attacks is the diversity of software versions in use, with many people running different or older versions of this software. “With over 30% of Android devices remaining stuck on outdated operating systems, these devices are sitting ducks, because they are unable to receive critical security patches,” warned Malwarebytes.

If you’re an Android user, it’s time to stay vigilant and be on the lookout for scams. It’s also wise to follow these top tips to keep your device safe from attacks.

How to protect your Android device:

• Always download your apps from the Google Play store whenever possible.

• Be mindful of the permissions you grant a new app. Does it genuinely need those permissions to function?

Permissions like “Display over other apps” should especially raise a red flag, as they can be used to intercept login credentials.

• Try to limit notifications as much as possible. Sketchy ad sites often ask for permission to display notifications.

Allowing this will increase the number of ads as they push them to your device’s notification bar.

• Keep your security software on your Android up-to-date and active.

Source: https://www.msn.com/en-us/news/technology/android-users-alerted-of-new-security-threat-that-could-infect-millions-of-devices