Researchers at North Carolina State University say a vulnerability discovered in Android could lead to text message phishing for personal information.

The vulnerability affects devices running Gingerbread, Ice Cream Sandwich, and Jelly Bean versions of the Android operating system, Slash Gear reported.

The vulnerability would allow a downloaded app infected with malware to make it appear the phone receive texts messages from someone on the phone user's contact list.

Such fake messages can be used to try and obtain personal information such as passwords or bank and credit card information, the researchers said.

The researchers say they've notified Google of the vulnerability, with the company saying a fix would be issued "in a future Android release."

Until then, the researchers recommend extreme caution when downloading and installing apps, especially from unknown sources.

Also, they said users should be alert about text messages and confirm they're actually from someone they know, rather than a scam attempting to steal personal information. (UPI)