In today's world of vast computing technology, malicious technology users are often looking for new ways to exploit other people's computing devices for their own financial gain. For example, a malware author may develop a malicious premium-text application designed to infiltrate mobile phones belonging to unsuspecting victims. Upon infiltrating a victim's mobile phone, the premium-text application may automatically create one or more text messages and then direct the victim's mobile phone to send the text messages to a premium-rate telephone number associated with the malware author. By sending the text messages to the premium-rate telephone number, the victim's mobile phone may incur service charges that financially benefit the malware author at the victim's expense.
Unfortunately, such a premium-text application may implement polymorphic techniques that reduce the likelihood of being detected by conventional anti-malware solutions (such as signature-based security systems). What is needed, therefore, are systems and methods for identifying suspicious text-messaging applications on mobile devices based at least in part on the attributes of outgoing text messages.