CRUEL cyber crooks have found a way to add fake contacts onto people’s phones in an attempt to gain trust and empty bank accounts.
Cyber security experts have warned that the scam is a “truly global threat”.
1
The latest danger leads victims to believe they’re being called by a trusted person such as their bank, when actually it’s the scammers behind it.
This means a “bank support” contact will appear on screen, leading targets to believe it’s safe.
In doing so, bad actors can pretend to be your bank and dupe you into giving access to your account.
Technically, they could masquerade as anyone, such as loved ones or friends.
It’s all part of an evolved Android malware campaign known as Crocodilus.
Hackers can only modify contact lists of those infected by it.
“We believe the intent is to add a phone number under a convincing name such as “Bank Support”, allowing the attacker to call the victim while appearing legitimate,” experts at Threat Fabric warned.
“This could also bypass fraud prevention measures that flag unknown numbers.”
The cyber security firm first uncovered Crocodilus targeting people in Turkey in March.
But now the company claims it has spread to other countries across the globe.
“With newly added features, Crocodilus is now more adept at harvesting sensitive information and evading detection,” Threat Fabric continues.
“Notably, its campaigns are no longer regionally confined; the malware has extended its reach to new geographical areas, underscoring its transition into a truly global threat.
“This shift not only broadens the potential impact but also suggests a more organised and adaptive threat actor behind its deployment.
“As Crocodilus continues to evolve, organisations and users alike must stay vigilant and adopt proactive security measures to mitigate the risks posed by this increasingly sophisticated malware.”
How to stay safe
As ever, money-grabbing malware of this kind usually comes from apps downloaded outside of the Google Play Store.
So it’s best to stick to apps from the official platform.
It’s also important to ensure you have Play Protect switched on as this will help pick up on suspicious activity.
Must-know Android tips to boost your phone
Get the most out of your Android smartphone with these little-known hacks:
