Parasitizing well-known brands allows hackers to deceive mobile banking users.
Cyber scammers using Android malware to break into bank accounts have become more active in Finland, the local Transport and Communications Agency (Traficom) warns.
Scammers send SMS messages in Finnish, disguising themselves as banks and payment systems such as MobilePay, and encourage victims to install the McAfee app to protect their finances. However, in fact, this application is fraudulent and gives attackers access to bank accounts.
Spoofing helps attackers impersonate local telecom operators. Sent messages usually contain a link to download an app in the ".apk" format hosted outside of the official Android app store. This should already alert the recipients, but many users of the green robot are still led to such tricks.
OP Financial Group, one of the largest financial service providers in the country, also issued a warning about fraudulent messages. The police emphasize that the malware allows its operators to transfer money from the victims ' bank accounts. In one case, the victim lost a whopping 95,000 euros.
Traficom clarifies that the attack is aimed exclusively at Android users. According to Fox-IT analysts, the exploitation of users trust in the McAfee brand may be related to the already well-known campaign to distribute the Vultur Trojan, which now uses a mixed method of SMS phishing and phone calls to convince victims to install the malware.
The new version of Vultur has improved file management features, abuse of the accessibility service, blocking the execution of certain applications, disabling Keyguard, and the ability to send fake Push notifications.
Google previously reported that the Play Protect anti-malware tool built into Android automatically protects users from all known versions of Vultur, so it's important to always keep it active.
The OP clarifies that it never asks customers to share confidential information over the phone or install any apps to make or cancel payments. Any such requests should be immediately referred to the bank's support service and the police.
If malware is installed, users need to contact the bank immediately, reset the device settings to factory settings in order to be sure to erase all malicious applications, and, if possible, change all passwords for accessing the banking system.
Cyber scammers using Android malware to break into bank accounts have become more active in Finland, the local Transport and Communications Agency (Traficom) warns.
Scammers send SMS messages in Finnish, disguising themselves as banks and payment systems such as MobilePay, and encourage victims to install the McAfee app to protect their finances. However, in fact, this application is fraudulent and gives attackers access to bank accounts.
Spoofing helps attackers impersonate local telecom operators. Sent messages usually contain a link to download an app in the ".apk" format hosted outside of the official Android app store. This should already alert the recipients, but many users of the green robot are still led to such tricks.
OP Financial Group, one of the largest financial service providers in the country, also issued a warning about fraudulent messages. The police emphasize that the malware allows its operators to transfer money from the victims ' bank accounts. In one case, the victim lost a whopping 95,000 euros.
Traficom clarifies that the attack is aimed exclusively at Android users. According to Fox-IT analysts, the exploitation of users trust in the McAfee brand may be related to the already well-known campaign to distribute the Vultur Trojan, which now uses a mixed method of SMS phishing and phone calls to convince victims to install the malware.
The new version of Vultur has improved file management features, abuse of the accessibility service, blocking the execution of certain applications, disabling Keyguard, and the ability to send fake Push notifications.
Google previously reported that the Play Protect anti-malware tool built into Android automatically protects users from all known versions of Vultur, so it's important to always keep it active.
The OP clarifies that it never asks customers to share confidential information over the phone or install any apps to make or cancel payments. Any such requests should be immediately referred to the bank's support service and the police.
If malware is installed, users need to contact the bank immediately, reset the device settings to factory settings in order to be sure to erase all malicious applications, and, if possible, change all passwords for accessing the banking system.
