All Android owners warned over copycat of popular app that can silently rinse thousands from your bank account
ANDROID owners worldwide must be cautious of a copycat app that is masquerading as McAfee antivirus software.
A fraudulent McAfee campaign was first discovered in 2021, however, the same ploy has since robbed thousands from unsuspecting victims.
AlamyWhile Finnish authorities haven’t determined the type of malware, the attacks closely resemble the campaign Fox-IT analysts discovered in 2021[/caption]
Finland’s Transport and Communications Agency (Traficom) recently said it had discovered multiple cases of the copycat app attempting to breach online bank accounts.
The agency said text messages to Android owners written in Finnish instruct recipients to call a number.
They can, for example, log into the online bank and transfer money… In one case, the victim of the crime lost 95,000 euros in the scam.
Finnish police
The messages are spoof messages, appearing as though they are being sent from banks or payment service providers.
Those who dial in actually end up calling a scammer, who instructs victims to install a McAfee app ‘for protection’.
But those who follow the instructions are actually installing malware onto their phone – leaving all their accounts at risk.
“Fraudsters use the software to take over the entire phone,” Finnish police explained.
“They can, for example, log into the online bank and transfer money.
“In one case, the victim of the crime lost 95,000 euros in the scam.”
What is spoofing?
Spoof calls - or caller ID spoofing - is when a hacker intentionally copies another phone number to either disguise their identity or masquerade as another.
They are incredibly convincing, but remember: most banks, payment providers and companies typically don’t make unsolicited calls or texts.
If in doubt, call them back yourself by re-typing the legitimate number into your iPhones keypad.
Do not call them back by clicking on the potential spoof number that has rung you.
‘Email spoofing’ is where scammers are able to make an email look like it comes from a different address to appear more legitimate.
Scammers are able to ‘spoof’ the genuine address to pretend to be representatives of any company, like Amazon, Sky, Meta or Google.
To avoid falling for this trick, click or tap the email address shown in Gmail or Outlook to see if a different email address is being used.
This is not antivirus software but malware to be installed on the phone.
Traficom
“According to reports received by the Cyber Security Center, targets are encouraged to download a McAfee application,” Traficom writes in a statement.
“The download link offers an .apk application hosted outside the app store for Android devices.
“However, this is not antivirus software but malware to be installed on the phone.”
The OP Financial Group, one of Finland’s largest financial services providers, has also issued an alert on its website about the threat campaign.
TROJAN HORSE
Cybersecurity experts in NCC Group’s Fox-IT team first spotted the McAfee copycat banking trojan in early 2021.
A banking trojan is malware specifically designed to steal a victim’s financial information.
The campaign exclusively targets Android devices.
Cyber crooks rely heavily on the ability to masquerade as legitimate apps and software in the effort to fleece victims of their data and hard-earned cash.
In early April, experts explained how hackers had since given the copycat a sophisticated makeover, leaving Android owners more vulnerable than ever.
While Finnish authorities haven’t determined the type of malware, the attacks closely resemble the campaign Fox-IT analysts recently reported.
WHAT NOW?
Google is generally good at weeding out and removing risky apps from its platform, but a small number do slip through the cracks.
Make sure Google’s anti-malware tool Play Protect is active, as it can protect against this specific type of malware, known as Vultur.
Always check the reviews for apps – as these can be red flag warnings against downloading specific apps, particularly if there are not many reviews for a supposedly popular app.
If you think you’ve downloaded the dodgy McAfee copycat – delete it straight away.
You must also restore the infected Android device to Factory Settings – which wipes all data and apps.
You should also contact your bank immediately, so they can stop any unapproved cash transfers.
Must-know Android tips to boost your phone
Get the most out of your Android smartphone with these little-known hacks:
Secret button that boosts your battery and can save money
Lazy hack to free up space on your phone
Apps to delete for extra storage
Simple trick to get from A to B faster on Google Maps
Free upgrade protects Android users from scam apps
Clever trick lets you respond to calls WITHOUT talking
Welcome to Billionaire Club Co LLC, your gateway to a brand-new social media experience! Sign up today and dive into over 10,000 fresh daily articles and videos curated just for your enjoyment. Enjoy the ad free experience, unlimited content interactions, and get that coveted blue check verification—all for just $1 a month!
Account Frozen
Your account is frozen. You can still view content but cannot interact with it.
Please go to your settings to update your account status.
Open Profile Settings