If you’re using Android, you may want to be careful when making calls to your bank. That’s because an updated malware program called FakeCall has reportedly been hijacking outgoing Android device calls to banking institutions.
Kaspersky first discovered the FakeCall Trojan in 2022, but hackers have recently updated it with several frightening new features, including the ability to capture your device’s screen.
How Does FakeCall Work?
FakeCall works via abuse of Android’s Accessibility Services and a technique known as “vishing,” a portmanteau of “voice” and “fishing.” According to Zimperium, a global Android, iOS, and Chromebook security firm, vishing uses social engineering and fraudulent calls to trick users into revealing confidential information or taking other dangerous actions.
If you’ve ever been contacted claiming that you’ve inherited money, or that a loved one has been incarcerated, then it’s likely that scammers targeted you for vishing. Because the callers sound urgent and authoritative, many people fall victim. It’s a growing problem, and according to the FTC, in 2022, victims of phone scams lost roughly $1,400 each to scammers.
FakeCall is more sophisticated than other scams, however, as it combines a malware component with cleverly disguised fraudulent calls. Which makes it slightly more dangerous for those unaware of its existence. It also mimics the Android phone dialer, so everything seems normal.
But, when you make an outgoing call to your bank, instead of a bank employee, you’re connected to a hacker who asks for sensitive information. And since you’re speaking with a human, you may not even suspect the impersonator is stealing your precious info.
How Does FakeCall Spread?
The FakeCall malware is commonly spread when users sideload APK files from sites that resemble the Google Play Store. Zimperium states there are currently 13 malicious apps that are being used to spread FakeCall. While the company hasn’t identified which apps they are, it has identified certain indicators of compromise (IOC), and listed them on its GitHub database.
When you unknowingly download a tainted app, it asks you for permission to become the default call handler. Because the app looks legitimate, many people immediately grant access. That’s when FakeCall takes over, and the trouble starts.
Using this access, hackers can steal information, live stream your device’s screen, take screenshots, unlock your device, and even turn off the auto-lock function of your phone.
How to Stay Protected
To stay protected from malware such as FakeCall, it’s important to avoid installing suspicious APK files on your Android device. Instead, only download apps from the official Google Play Store. Installing apps like Google Play Protect and a trusted Android antivirus app can provide an additional layer of defense. You should also reboot your device regularly to boost its security.
Unfortunately, hackers will continue their relentless pursuit of your personal information. However, the strongest protection is to equip yourself with a thorough knowledge of the best security practices for your Android devices. Finally, you should avoid offering device permissions to strange apps, and limit the apps on your device to only the ones you trust.