Scams designed to intercept customer support calls and use fake Android apps to steal banking data are back, and more effective than ever.
Malware called FakeCalls, originally spotted about a year ago, has made a comeback, researchers from cybersecurity firm checkpoint (opens in a new tab) indicating that it employs further evasion techniques.
According to its report, the Trojan can “disguise itself as one of more than 20 financial applications” to mimic a phone call in a scam known as voice phishing.
Voice Phishing Malware
The malware appears to be specifically targeting South Korea, which, according to the government, is Report (opens in a new tab) Voice phishing attacks alone cost an estimated $600 million in 2020.
Not only have cybersecurity researchers discovered more than 2,500 malware samples, but it uses a “unique” evasion technique “not previously seen” [been] Saw in the wild,” suggesting a more advanced malware has emerged and is likely to remain stealthy for a longer period of time.
The attack is fairly simple: Once FakeCalls is illegally installed on a victim’s Android device, the malware operator’s phone number is masked with a real bank number in order for the victim to confirm payment details and subsequently expose himself to various Gaining trust before risk includes identity theft.
another report Kaspersky (opens in a new tab) The most notable types of attacks in 2022 are revealed. FakeCalls was found to be the second most common mobile banking Trojan last year, accounting for 8.27% of all installs, although it was far behind top-ranked Bray at 66.40%.
The same report highlighted China as the country with the highest percentage of its citizens attacked by mobile malware, while South Korea failed to crack the top 10.
