Maybank warns of malicious SMSSpy campaign targeting Android users in Malaysia

Victims will be told to make payment to unfreeze their accounts and instructed to download the malicious app to complete the payment process. — Photo by Gilles Lambert on Unsplash

PETALING JAYA: Maybank has released an alert urging customers to refer to an advisory by the Malaysia Computer Emergency Response Team (MyCert) about the latest fraud campaign, known as SMSSpy, which is targeting Internet users in the country.

According to MyCert, cybercriminals are using the Android malware to steal victims’ online banking credentials.

“Once installed, this malicious app is able to view any SMS sent to the mobile phone, which includes obtaining TAC numbers to perform Internet banking transactions,” Maybank said in the post on Facebook.

ALSO READ: Bank scams increasingly targeting mobile users, says cybersecurity firm

A report by cybersecurity research firm WeLiveSecurity claimed that SMSSpy targeted Malaysian users exclusively when it was first identified in late 2021. It added that a campaign was launched to target customers of popular banks in Malaysia by exploiting the trend of online shopping via smartphones.

“Instead of phishing for banking credentials on websites, the threat actors have introduced Android applications into the chain of compromise, thus making sure they have access to 2FA (two-factor authentication) SMS messages the victim is likely to receive,” WeLiveSecurity said in its report.

To convince users to download the malicious app, MyCert said cybercriminals will typically pose as a person from a law enforcement agency and call victims to inform them that they have been involved in a criminal activity and that their accounts will be frozen.

ALSO READ: 75-year-old in SG lost S$1mil in China officials impersonation scam

The victim will then be told to pay a sum of money to unfreeze their accounts, and thus instructed to download the malicious app to complete the payment process.

MyCert added that cybercriminals are also deploying fake websites impersonating legitimate companies and placing ads on Facebook to persuade potential victims to visit these malicious websites, which aim to trick potential victims into both downloading the malicious Android malware and divulging their personal banking information.

According to MyCert, all eight fake websites impersonated services only available in Malaysia to target victims, namely Grabmaid, Maria's Cleaning, Maid4u, YourMaid, Maideasy, MaidACall, MyMaidKL and Petsmore.

To avoid financial losses and disclosure of personal data, MyCert urged smartphone users to always verify an application’s permissions and the app’s author or publisher before installing it, and to never click on suspicious links sent via SMS or messaging services.

Users should also only download apps from a trusted app marketplace and ensure their device’s operating system and apps are updated regularly. They are also urged to contact Cyber999 for any enquiries or assistance related to this threat.

Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

AI ‘supercharges’ online disinformation and censorship, report warns
Sam Bankman-Fried ‘lied to the world’ as he built crypto empire, prosecutors say
Meta expands generative AI tools to boost effectiveness of ads
Design software company Canva unveils AI tools to take on rivals like Adobe
Apple considered switching to DuckDuckGo from Google for Safari - Bloomberg News
South Korea's Doosan Robotics shares jump 127% in trading debut
US Commerce head backs legislation to address TikTok, threats
Bankman-Fried's lawyer says 'crypto was not for everyone.' FTX said the opposite
Google’s new virtual assistant to include Bard AI tools
Toyota and LG Energy sign battery supply agreement to power EVs

Air Pollutant Index

Highest API Readings

    Select State and Location to view the latest API reading

    Source: Department of Environment, Malaysia

    Others Also Read