FakeCalls, a banking trojan that focuses on voice phishing, has upgraded its ways to evade detection and strike globally. The malware can hijack calls made to banks using Android phones and even show a fake call interface that appears to be the legitimate Android dialer.
The latest version of FakeCalls sets itself as the default call handler, allowing it to intercept and mess with both outgoing and incoming calls. It displays a convincing fake UI that mimics the actual banking experience, making it hard for victims to see what’s happening. When a user attempts to contact their financial institution, the malware redirects the call to a fraudulent number controlled by the attacker.
FakeCalls can also steal data, getting access to Android’s Accessibility permissions. This gives it free rein to do whatever it wants, including starting livestreams, taking screenshots, and unlocking devices. The malware has added new commands to mimic pressing the home button, delete images, and access photos and thumbnails from storage.
To protect yourself from FakeCalls, follow these six steps:
1) Have strong antivirus software installed on your device.
2) Download apps only from trusted sources like the Google Play Store.
3) Be cautious with app permissions, reviewing them before installation.
4) Regularly update your device’s operating system and apps to ensure security patches are applied.
5) Monitor financial activity regularly for unauthorized transactions.
6) Limit sensitive transactions on mobile devices.
The increasing sophistication of malware threats highlights the need for improved security measures from Android phone manufacturers and Google. By taking these precautions, you can reduce your risk of falling victim to FakeCalls and other cyber threats.
Source: https://www.foxnews.com/tech/updated-android-malware-can-hijack-calls-you-make-your-bank