Android malware “FakeCalls” targets financial firms in South Korea

Android malware “FakeCalls” targets financial firms in South Korea

A new Android vishing (voice phishing) malware tool called “FakeCalls” has been detected targeting victims in South Korea by impersonating 20 leading financial institutions in the region.

Dubbed “FakeCalls” by the Check Point Research (CPR) team, the malware baits victims with fake loans, requesting them to confirm their credit card numbers, which are then stolen.

What does Fakecalls malware do ?

“FakeCalls malware possesses the functionality of a Swiss army knife, able not only to conduct its primary aim but also to extract private data from the victim’s device,” said CPR cybersecurity researcher Alexander Chailytko.

In a report published by CPR on Tuesday, the company confirmed it discovered over 2500 samples of the FakeCalls malware in a combination of mimicked financial organizations and implemented evasion techniques.

“The malware developers took special care with the technical aspects of their creation as well as implementing several unique and effective anti-analysis techniques,” Chailytko explained. “In addition, they devised mechanisms for disguised resolution of the command-and-control servers behind the operations.”

The security expert warned that the same strategies used by FakeCalls could potentially be replicated to target other global markets.

How to Prevent Vishing Attacks

  • If you don’t recognize the number, don’t answer the call. Instead, let go to voicemail and listen to the message later to decide whether to call back.
  • If you suspect that the call is a vishing scam at any point, hang up and block the number. Don’t try to carry on a conversation to be polite.
  • Don’t press any buttons or speak any responses to any prompts from an automated message. Scammers could potentially record your voice to navigate voice-automated phone menus tied to any of your accounts, or they might use a “press X” option to identify targets for future calls.
  • Verify the callers identify before returning a call to an unidentified number. If the scammer claims to be from a certain company, search for the company’s public phone number and call that instead.
  • Carefully listen to the caller and mentally flag if they’re using social engineering language that leverages fear or urgency, or “once-in-a-lifetime opportunity” language.
  • Register with the Do Not Call Registry. Most legitimate telemarketing companies avoid calling numbers on this list, so if you happen to receive a call from one, it’s most likely a vishing attack.
  • Don’t provide your phone number to any emails or messages asking. Report these emails to your IT support team.

Follow Us on: Twitter, InstagramFacebook to get the latest security news!

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!