Open Forum

 View Only

Security BUZZ - A Sneaky Phone Scam

  • 1.  Security BUZZ - A Sneaky Phone Scam

    Posted 11-08-2024 09:00

    Imagine downloading what you think is a helpful app, only to discover that it secretly controls your phone and steals your information. This is the alarming reality of FakeCall, a type of malware targeting Android devices.

    Since 2022, security experts have been tracking this malicious software that tricks users into calling fake numbers controlled by criminals. These criminals then impersonate bank employees or other trustworthy figures in order to steal your money or personal information. This scam is known as "vishing," which combines voice calls with phishing.

    FakeCall often spreads through malicious apps disguised as harmless ones. These apps are typically found on less secure app stores or websites. They may appear to be games, tools, or even security software.

    Once you install the fake app, it will prompt you to set it as your default "call handler." That means it takes control whenever you make or receive a call. If you agree to this, the attackers can monitor and control your calls. They even create a fake interface that resembles your regular phone dialer, making it difficult for you to realize anything is amiss!

    Recently, security researchers discovered a new, even more dangerous version of FakeCall. This updated malware uses a sneaky trick to gain even more control over your phone. It takes advantage of a feature called "Accessibility Service," which is meant to help people with disabilities use their phones more easily.

    By exploiting this feature, FakeCall can now:

    • See everything on your screen, including your passwords, bank details, and personal messages.
    • Intercept your calls, listen in, or even take over the conversation.
    • Control your phone's interface, making it do things you didn't ask it to do.

    While FakeCall is mainly used for vishing scams, it can do a lot more damage than that. For example, it can:

    • Steal your identity by tricking you into calling fake numbers and giving away your personal information.
    • Spy on your conversations by hijacking your calls without you even knowing.

    Here are some tips to keep your phone safe from FakeCall and other malware:

    • Only download apps from trusted sources, like the Google Play Store. Be extra careful about apps from unknown websites or app stores.
    • Pay attention to app permissions. If an app asks for more access than it needs, especially to your phone calls or accessibility settings, think twice before installing it.
    • Be wary of suspicious calls. Don't give out personal information to unknown callers, and hang up if something doesn't feel right. If you're unsure about a call, contact the organization directly using their official phone number.
    • Use security software. Install a reputable antivirus app on your phone to help detect and remove threats like FakeCall.

    #ALTACyber



    ------------------------------
    Genady Vishnevetsky
    Chief Info Security Officer
    Stewart Title Guaranty Company
    Houston TX
    ------------------------------
    ALTA Marketplace