Android smartphones are being targeted with a new scam, which can lead to victims having their online banking information stolen if they answer the wrong call. The offending malware behind this threat is called BRATA, and had previously been found on dangerous apps that managed to sneak onto Google Play Store. The latest version of the malware was discovered by researchers from fraud management firm Cleafy, who said it’s capable of slipping past the vast majority of anti-virus scanners undetected.
It was recently discovered in Italy, after the malware had previously only been found in Brazil. But experts are warning it could spread further into Europe.
The scam begins with a victim being sent an SMS message allegedly from their bank which contains a link to a website. The text tries to convince the recipient to download an alleged anti-spam app.
The victim is also told that they will be contacted by a representative from their bank soon.
If they click on the link in the text message the Android user will be sent to a phishing page designed to steal sensitive information such as online user credentials or answers to crucial security questions.
After a victim has visited the bogus site, a scammer will call up pretending to be from their bank and try to persuade them to download the malicious ‘anti-spam’ app.
The bogus app will require multiple permissions to be installed which let scam artists take control of an infected device, record what’s taking place on screen, access…