Toll fraud campaigns remain the biggest threat facing mobile device users, according to security firm Lookout.
The mobile security vendor's latest Threat Report issued today warned that most mobile attacks look to hijack users' handsets to make money for the villains.
"Toll fraud is the leading mobile threat at the moment," Lookout's Derek Halliday told V3.
Toll fraud attacks are designed to steal money from compromised devices by getting them to send text messages to premium rate SMS services owned by the criminals, without the knowledge of the user.
Lookout highlighted the FakeInst campaign as being one of the largest contributors to the toll fraud increase.
FakeInst is reportedly the most common form of toll fraud, representing as much as 82 percent of the mobile malware active in June.
FakeInst dupes users into downloading it to their device by posing as an installer for legitimate popular apps, like the Opera Browser. The tactic sees the criminals covertly install the malware alongside a fake version of the app.
Lookout's report highlighted that the likelihood of phone users encountering mobile malware depends on their geographic location and user behaviour.
"Your chances are much higher in areas like Russia, Ukraine and China," Halliday told V3.
"It's a combination of having a favourable environment for mobile malware development and the users' behaviour. Because people [in these areas] don't rely on the official Google Play Store, they use third party markets, so there's an environment that makes it more lucrative for cyber criminals to operate."
The report went on to warn that though the majority of the attacks may be rehashed versions of an old trick, criminals are developing new and more advanced ways to target mobile devices.
"The bad guys are experimenting, they're trying to find new ways to monetise their wares," said Halliday.
Halliday highlighted improved distribution methods, like "malvertising" and drive-by downloads as key practices being developed by criminals.
The techniques are already common practices on PC malware, seeing criminals infect machines using malicious web pages and advertisements.
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally