Malware is becoming more sophisticated. This, coupled with our reliance on our smartphones to do more phone banking poses a legit security concern. And thieves are taking full advantage of it through phone malware.
Meet the New Fakebank Malware
SC Media reports security researchers have discovered a new variant of Fakebank malware. This one works when someone makes a call to their bank. The phone malware redirects the call to a fraudulent number, where the caller can unknowingly supply personal information.
This isn’t the first time something like this has happened. SC Media found that earlier versions of the phone malware were able to intercept text messages, record customers’ calls to the bank, and display fake login pages.
The new malware adds intercepting outgoing and incoming calls to the bank-this means any point of communication between a person and their bank can be susceptible to malware.
How the Phone Malware Works
Symantec found 22 corrupted applications, with the main distribution methods being social media and alternative application stores. Upon installation, the malware sends data to the command and control server regarding the smartphone and personal information of the caller, as SC Media states.
Essentially, when you try to call the bank and your phone contains the malware, it redirects the call to the phone number of the scammers, who’ll impersonate a representative of your bank. And as you can imagine, this can be a data goldmine for thieves.
Researchers concluded that most phones are susceptible to the malware aside from phones running Android 8. They found the reason for this is “overlaying a system window from an app is not allowed, so the malware cannot carry out its deception.”
Researchers also found, “In addition to tricking users into conversations with scammers, this malicious app sends call events to the C&C server. It also contains a number of layouts customized to popular layouts in Korea.”
Phone Malware Prevention: Best Practices
While this particular malware affects mostly those in South Korea, malware can occur at any time, so it’s important to make smart choices such as:
Refraining from downloading applications from unfamiliar sites.
Keeping your device’s software up to date.
Understanding that your bank won’t ask for your Social Security number or debit/credit card information when on the phone.
The last one is important to emphasize because if you know how the bank communicates with callers, it can help you identify scammers.
And in the unfortunate event, you do have malware on your mobile device, the experts at SALVAGEDATA can help you.
You need access to your files on your corrupted device; we have the tools and experience to recover your data. Together, it’s a perfect match.
Along with our expertise, you’ll experience exceptional service every step of the way. With that in mind, if you need to recover your data, contacting us brings you one step closer to achieving that.