What Is FakeCall?
The year 2022 marked the emergence of FakeCall, a malicious software designed to steal money from bank accounts by intercepting phone calls.
The original variant of FakeCall would simply wait for its victim to make a call to their bank. The phone call would then be intercepted by the scammers, who would pose as fake customer service representatives.
Since then, this cunning cyber threat has grown stronger, targeting Android users globally with 13 newly discovered versions that exhibit enhanced stealth abilities and sophisticated features.
FakeCall Increased Sophistication
Stealth Capabilities: The updated versions of FakeCall have proven adept at hiding themselves on devices. By employing deceptive tactics, these malware strains make it more challenging for security software to detect them.
Infection Method: FakeCall typically infects a device when someone clicks on a phishing link, which downloads an app containing the malware. Once installed, the malicious program establishes contact with its creators and awaits further instructions.
Manipulating Phone Calls: The primary goal of FakeCall is to intercept and manipulate phone calls. After installation, it prompts users to set it as their default call handler, granting control over all incoming and outgoing calls. When victims attempt to reach their banks, the malware redirects the calls to numbers controlled by attackers.
Fake Interfaces: To facilitate this scheme, FakeCall displays a counterfeit phone interface resembling Android's genuine interface, complete with the bank's phone number. Victims are thus tricked into believing they are still contacting their banks while divulging sensitive information.
New Features: The latest versions of FakeCall feature unknown components like a Bluetooth receiver and screen monitor. These additions grant attackers greater control over devices and enable them to steal information from victims' screens without detection.
Remote Device Control: Furthermore, the malware now includes a service that allows attackers to take full control of victims' devices by monitoring their activities on smartphones. This means users may unknowingly remain under remote control.
How To Protect Yourself From FakeCall
Untrusted Applications: Do not download or install unknown Android applications.
Unknown Messages: Ignore and delete any unsolicited emails or text messages and be especially suspicious if any of these messages contain links or attachments.
Bank Policies: Get to know your bank's policies, specifically what kinds of information they will typically ask for and the steps you can take to verify a customer agent's authenticity.
Conclusion
The evolution of FakeCall demonstrates the ever-growing sophistication of cyber threats targeting Android users worldwide. As these malicious programs become harder to detect and expand their capabilities, it is crucial for users to exercise caution when browsing online and to keep security software up-to-date to protect themselves from falling victim to such cunning scams.
