All Android users placed on red alert - scary bank bug can empty your account in minutes

2 weeks ago 4

Express. Home of the Daily and Sunday Express.

HOME
News
Politics
Royal
Showbiz & TV
Sport
Comment
Finance
Travel
Life & Style

Life
Cars
Tech
Garden
Property
Food
Diets
Health
Style
Express Wins

Android users must be wary before installing any new apps onto their devices after the discovery of a scary new bank account bug.

By David Snelling, Technology Editor

07:24, Tue, Nov 5, 2024 | UPDATED: 07:24, Tue, Nov 5, 2024

Android Fake Call warning

Android Fake Call warning (Image: GETTY)

A worrying bug is back and becoming its next victim could leave your bank account drained of all its cash. The latest threat, which has been spotted by the security team at Ziperium, is using the so-called "FakeCall" bug to attack unsuspecting Android users. This vicious malware was actually first spotted all the at back in 2022 but it's now seen a shock resurgence and is more troublesome than ever.

Once installed, the latest version of FakeCall can set about redirecting phone calls with users being put through to scammers when they think they are simply ringing their bank.

Zimperium has confirmed that it works by taking over Android's call handler setting which then allows cyber crooks to manipulate both incoming and outgoing calls.

What makes this threat so serious is that it works even if the correct number has been punched in on the keypad. Once the call is made, FakeCall simply redirects the victim to unofficial call centres where money can then be stolen and bank accounts raided.

Nearby Share: Android explain how mobile users can use feature

Explaining more about the attack, Zimperium said: "When the compromised individual attempts to contact their financial institution, the malware redirects the call to a fraudulent number controlled by the attacker.

"The malicious app will deceive the user, displaying a convincing fake UI that appears to be the legitimate Android's call interface showing the real bank's phone number."

"The victim will be unaware of the manipulation, as the malware's fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim's financial accounts."

This is not an attack anyone wants to fall victim to but there is a way to stay safe. It seems almost all "FakeCall" infections are taking place when users add apps to their devices via unofficial stores or by downloading them from the web.

Invalid email

We use your sign-up to provide content in ways you've consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. Read our Privacy Policy

With little protection from these installation methods, it's easy for scammers to take advantage.

As long as you stick to Google's Play Store you should be safe from FakeCall being secretly added to your device.

Before installing anything onto your phone it's always a good idea to check the permissions you are granting and, if possible, take time to read reviews and look at who has developed the application.

If you don't want your money stolen, stay alert and be careful which apps you install.

Read Entire Article