High-Risk Android Scam: Critical Vulnerabilities Found in Android 12 and Above

• CERT-In identifies critical flaws in Android 12+ frameworks, risking data leaks and device control.
• Hackers exploit chipset bugs to bypass security, triggering phishing and ransomware attacks.
• MeiTy urges immediate OS updates and stricter app permissions to block scams.

In recent weeks, India’s Ministry of Electronics and Information Technology (MeiTy) has issued a critical warning for Android users, highlighting severe security vulnerabilities in devices running Android 12 and later versions. The advisory, published in collaboration with the Indian Computer Emergency Response Team (CERT-In), reveals that millions of users could be exposed to high-risk cyberattacks, data theft, and device hijacking. This Android scam alert underscores the urgent need for users to update their devices and adopt preventive measures to avoid falling victim to sophisticated hacking attempts.

The vulnerabilities stem from flaws in Android’s framework and chipset components, enabling hackers to exploit devices for unauthorized access, data breaches, or denial-of-service (DoS) attacks. With Android dominating India’s smartphone market, this warning impacts a vast population, particularly those using newer OS versions like Android 13, 14, and 15. Authorities stress that ignoring these risks could lead to irreversible financial and personal data losses.

Oppo A59 5G Gets Android 15-Based ColorOS 15 Update in India

Also Read: Android Scam Alert: Learn How a Major Threat is Looming Over Android 12 to Android 15 Users

Android Scam Alert

The Android scam threat revolves around multiple vulnerabilities in Android’s operating system architecture. According to CERT-In, attackers can manipulate these flaws to:

• Steal sensitive information like banking credentials or personal data.
• Execute arbitrary code to hijack device functions.
• Trigger system crashes via Denial-of-Service (DoS) attacks.

Affected versions include Android 12, 13, 14, and 15, with risks magnified for users who delay software updates. MeiTy’s advisory highlights that even trusted apps could become gateways for malware if permissions are misconfigured.

iQOO Z10 Turbo, Z10 Pro Tipped to Launch Soon Snapdragon, Battery & More

How to Secure Your Android Device

• Install Updates Immediately: Enable automatic OS updates under Settings > System > Software Update. Patches often fix critical bugs flagged by CERT-In.
• Enable Two-Factor Authentication (2FA): Add an extra security layer to your Google account and banking apps.
• Avoid Unofficial Apps: Download apps only from the Google Play Store. Third-party stores may host malware disguised as legitimate tools.
• Use Anti-Phishing Tools: Activate Google’s Play Protect and avoid clicking suspicious links in emails or messages.
• Use a Strong Lock Screen: Set up a PIN, password, or biometric authentication (fingerprint/face unlock) to prevent unauthorized access.
• Audit App Permissions: Restrict apps from accessing unnecessary features like your camera, microphone, or location.
• Disable Unknown Sources: Go to Settings > Security and ensure “Install Unknown Apps” is turned off to block sideloading of malicious apps.
• Encrypt Your Device: Most modern Android devices come encrypted by default, but you can check under Settings > Security to confirm. Encryption protects your data in case of theft.
• Be Cautious with Public Wi-Fi: Avoid accessing banking apps or entering sensitive information on open networks. Use a VPN for extra protection.
• Regularly Back Up Data: Store important files on Google Drive or an external device to recover data in case of a breach or device loss.
• Turn Off Bluetooth & NFC When Not in Use: Hackers can exploit open Bluetooth and NFC connections to gain unauthorized access.
• Enable Remote Tracking & Wiping: Activate Google’s “Find My Device” under Settings > Security, allowing you to locate, lock, or erase your phone remotely if lost.
• Use Secure Messaging Apps: Opt for encrypted messaging services like Signal or WhatsApp for sensitive conversations.
• Monitor Battery & Data Usage: Unusual spikes in usage may indicate spyware or malware running in the background.

For advanced users, CERT-In recommends disabling USB debugging and limiting administrator privileges to minimize attack surfaces.

Also Read: Gmail Users Alert AI-Powered Hacks Are Targeting 2.5 Billion Accounts

The Android scam alert serves as a wake-up call for users to prioritize digital hygiene. As cybercriminals grow more sophisticated, staying proactive with updates and cautious with app permissions is non-negotiable. Follow MeiTy’s guidelines to shield your device from emerging threats and ensure a safer Android experience.