Table of Contents
Last Friday, MyCERT released an advisory warning Malaysians of a “SMSSpy” campaign that is targeting Internet users in Malaysia to steal banking and personal information.
Before this, MyCERT has identified SMSSpy as a malicious application that disguises itself as a mobile antivirus and an application that tests mobile signals for Malaysians, purportedly created by the Royal Malaysian Police (PDRM).
SMSSpy Campaigns
MyCERT’s most recent advisory details how the SMSSpy campaigns are run: firstly, the malware will disguise itself as a law enforcement agency like PDRM and call the victim to inform them of outstanding debt or criminal activity, and that their bank accounts have been frozen. To unlock their bank accounts, the victim will then be asked to pay a sum of money by downloading a malicious Android application to complete the transaction.
Once downloaded, the malware can intercept received SMS messages and forward them to a remote site while collecting contact information including name, phone number, email address, street address, and more. It is also capable of modifying contact data with the intention to retrieve TAC numbers sent by banking institutions.
The second campaign uses phishing websites to steal the victim’s personal and banking information. The scammers typically target victims through Facebook by disguising themselves as online sellers or service providers using websites that look almost identical to the websites of legitimate service providers.
MyCERT has identified 8 service providers that have been used as a phishing front: Grabmaid, Maria's Cleaning, Maid4u, YourMaid, Maideasy, MaidACall, MyMaidKL, and Petsmore.
How to Avoid Getting Scammed
Along with the advisory, MyCERT has listed down a few suggestions and recommendations that Internet users should take note of to avoid getting scammed:
- Verify an application’s permissions, author, or publisher before downloading it.
- Only download from trusted sources; avoid side-loading (downloading from non-official sources).
- Do not click on suspicious URLs or adware sent through SMS or other messaging services.
- Run reputable anti-viruses on your mobile device and keep it updated.
- Update your smartphone’s operating system in order to avoid malicious exploits or security holes.
- Do not root or jailbreak your phone.
In light of recent reports of stolen bank funds without transaction notifications, do make sure to follow MyCERT’s advice and be vigilant when you are performing online transactions or giving out your personal information. Stay safe!
Read MyCERT’s full advisory here.