ANDROID owners have been warned about a malicious phone call scam that can empty your bank account.
A malware dubbed FakeCalls that was plaguing Android smartphone users last year has recently resurfaced.
HOW DOES IT WORK?
The attack begins when a victim installs the malware onto their Android device.
This can happen in a number of ways – for example, phishing or malicious banking apps pretending to be real institutions.
According to cybersecurity firm CheckPoint, the Trojan can “masquerade as one of more than 20 financial applications.”
Then, the app will offer a victim a loan with a low-interest rate – and once the victim is interested, the malware initiates a phone call.
On the phone call, the user is played a recording from a bank’s real customer support with instructions on moving forward with the loan.
This is called voice phishing and it consists of scammers impersonating legitimate companies to steal money and personal and financial information.
“We discovered more than 2500 samples of the FakeCalls malware that used a variety of combinations of mimicked financial organizations and implemented anti-analysis techniques,” CheckPoint noted.
What’s more, the malware uses “spoofing” to trick victims even further.
Spoofing works by masking an attacker’s number to make it look like a real institution is calling someone.
Eventually, the victim is defrauded into revealing their credit card or banking details.
HOW TO STAY SAFE
For starters, it’s important to always keep your device updated with the latest software and antivirus protection.
You should also avoid installing apps from unofficial app stores.
And even if an app is on Google’s Play Store, you should remain vigilant and question its legitimacy.
Furthermore, you should never download anything from strange pop-up windows.
