Allowing the wrong permissions in an app can cost you a lot of money.
Avast security says it’s found an App in the Google Play store that can empty your wallet. The app is called Cmara Vision Nocturna or Night Vision and promises to enable your phone camera to see at night.
But according to Avast, what this app actually does is help itself to your money. They point out some unusual permissions for this app. It’s only supposed to work with your camera, but it asks for permission to access your account and to write SMS. Two things which shouldn’t be required of a simple camera app. What these permissions permit it to do is get phone numbers from messaging apps and then proceeds to subscribe them to a an expensive messaging service.
You’ll be charged almost $3 for that, but that’s not all. The app can then keep sending these messages until you owe up to $50 a month.
If you happened to download this particular app, you may want to get rid of it now.
As we discussed in an earlier article, a large number of both Apple and Android apps have troubling permissions that could pose security risks. 
Though many of us just tap and accept app permissions without reading them, it’s a good idea to actually read the permissions and ask yourself if there’s a reason this app needs to access your accounts, your text messages or your location.
Keep an eye out for permissions that read your contact data. Unless it’s a messaging app or an app with a social component, there’s no need for it. If an app wants to use SMS or MMS permissions, be cautious. If it’s not a messaging app, it doesn’t need to access those functions. Another thing to look out for is location. Some apps need that information, but if there’s not a good reason that app needs to know where you are, think twice about accepting those permissions.
Right now there’s no easy way to selectively choose which permission you want to permit in an app. If you aren’t comfortable with what an app wants to access on your phone, your best bet is not to install that app at all.