If current scams were already problematic, new malware makes things even more difficult. Hackers’ way of scamming evolves through this virus with which they will be able to redirect your call without you being able to realize anything.
Until now, the scams suffered by mobile users are numerous and getting worse. Between those who impersonate your child and those who use other types of techniques, the truth is that we cannot cope. The problem is that these scams are going to evolve with a next step in the form of malware that is already making security experts tremble. It has been discovered by Zimperium’s zLabs research team and suggests an immediate future that is going to be much more dangerous.
FakeCall could scam you without realizing it
The name of this mobile virus that has evolved is called FakeCall and what it does is use a technique known as vishing (voice phishing), through which it will try to trick you into providing confidential information in a fake call. We had previously known FakeCall, but this new capacity opens up more possibilities of risk and infection.
The problematic thing about FakeCall is that it not only works with incoming calls on your mobile, a type of threat to which we are already more than accustomed, but it also does the same with outgoing ones. And the system that the virus uses is so complex that, once you have the virus on your mobile, you will not be able to feel safe with any call you make. The reason? The malware will redirect the call you make to the hacker’s number and, although you think it is your bank, it will actually be the attacker who answers you. That will make you completely at their mercy thinking that it is a safe call.
Things get difficult
Vishing could become a serious headache for users. What hackers want is, of course, to get your credit card information and other sensitive data that can cause you to give them access to your bank account. Of course, the problem is that you think you are calling your bank, so you don’t question whether they ask you for any of that sensitive information. You will think that you are speaking with an agent of the entity and that, therefore, there is no risk. Because if you can’t trust your bank to manage your bank account details, it’s obvious that you can’t trust anyone.
FakeCall is installed on users’ phones hidden in an Android APK file that you could download on a website dedicated to downloading applications. There are more and more threats of this type and, therefore, we always recommend installing only from trusted sources, such as Google Play. When the virus has been loaded on the mobile, the user is left in the hands of the hacker. The only thing you will have to do before that happens is to accept when the app asks to become the default calling application. That, at least, seems like a small obstacle for attackers.
But if we give it permission, the virus will gain control of all calls. And, as you can imagine, the most dangerous thing about all this is that, when you call your bank, the call that will appear on the screen will correspond to the number that you have dialed. That would mean that, even if you doubt the voice or what the supposed bank agent tells you, when you look at the screen of your mobile phone you will reaffirm that it is the real number and that, in theory, you have nothing to fear. Unfortunately, it will be part of the scam and could leave you in a really dangerous situation.
Today, hackers want bank access as their main objective, but we must not rule out that they want to carry out identity theft and that they are after the search for other data and documents. Therefore, remember that, as we said, it is best to download only from safe places.