A banking trojan called Fakecalls is targeting Android device users to hijack their calls to a bank’s customer support number and connect them directly with the cybercriminals.
About Fakecalls scam
According to Kaspersky, the malware disguises as a mobile app from well-known banks (such as KakaoBank or Kookmin Bank).
- When a victim attempts to call the bank customer support, the trojan breaks the connection and displays its call screen, which appears almost the same as the real one.
- Scammers pose as support representatives and obtain details to access the victim's funds.
Calling techniques
The trojan can play a pre-recorded message that mimics the ones often used by banks to greet customers seeking support.
- The malware developers have recorded a few phrases commonly used by banks to let the customer know that an operator would take their call whenever they become available.
- Additionally, the trojan can spoof incoming calls, allowing the hackers to communicate with the unsuspecting victims as if they were the bank’s customer support service and fool them.
Spying on victims
Upon infection, threat actors can spy by broadcasting audio/video from the device in real-time, see its location, and copy files (contacts, photos, videos) and history of text messages.
Even though the Fakecalls trojan emerged last year, it has received little attention due to its limited targeted geography. However, the use of fake call features is something new in the evolution of mobile banking malware.
Conclusion
Fakecalls introduced an entirely new technique to take over customer support calls. Experts suggest downloading apps only from official stores and paying attention to the requested permissions of an app. Further, install reliable anti-malware applications on mobile devices.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/iStock-512277926.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/6443_shutterstock_360127970.jpg)
