Maybank warns of malicious SMSSpy campaign targeting Android users in Malaysia

Victims will be told to make payment to unfreeze their accounts and instructed to download the malicious app to complete the payment process. — Photo by Gilles Lambert on Unsplash

PETALING JAYA: Maybank has released an alert urging customers to refer to an advisory by the Malaysia Computer Emergency Response Team (MyCert) about the latest fraud campaign, known as SMSSpy, which is targeting Internet users in the country.

According to MyCert, cybercriminals are using the Android malware to steal victims’ online banking credentials.

“Once installed, this malicious app is able to view any SMS sent to the mobile phone, which includes obtaining TAC numbers to perform Internet banking transactions,” Maybank said in the post on Facebook.

ALSO READ: Bank scams increasingly targeting mobile users, says cybersecurity firm

A report by cybersecurity research firm WeLiveSecurity claimed that SMSSpy targeted Malaysian users exclusively when it was first identified in late 2021. It added that a campaign was launched to target customers of popular banks in Malaysia by exploiting the trend of online shopping via smartphones.

“Instead of phishing for banking credentials on websites, the threat actors have introduced Android applications into the chain of compromise, thus making sure they have access to 2FA (two-factor authentication) SMS messages the victim is likely to receive,” WeLiveSecurity said in its report.

To convince users to download the malicious app, MyCert said cybercriminals will typically pose as a person from a law enforcement agency and call victims to inform them that they have been involved in a criminal activity and that their accounts will be frozen.

ALSO READ: 75-year-old in SG lost S$1mil in China officials impersonation scam

The victim will then be told to pay a sum of money to unfreeze their accounts, and thus instructed to download the malicious app to complete the payment process.

MyCert added that cybercriminals are also deploying fake websites impersonating legitimate companies and placing ads on Facebook to persuade potential victims to visit these malicious websites, which aim to trick potential victims into both downloading the malicious Android malware and divulging their personal banking information.

According to MyCert, all eight fake websites impersonated services only available in Malaysia to target victims, namely Grabmaid, Maria's Cleaning, Maid4u, YourMaid, Maideasy, MaidACall, MyMaidKL and Petsmore.

To avoid financial losses and disclosure of personal data, MyCert urged smartphone users to always verify an application’s permissions and the app’s author or publisher before installing it, and to never click on suspicious links sent via SMS or messaging services.

Users should also only download apps from a trusted app marketplace and ensure their device’s operating system and apps are updated regularly. They are also urged to contact Cyber999 for any enquiries or assistance related to this threat.

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

German court lets Tesla ads continue referring to autonomous driving
OK Google, get me a Coke: AI giant demos soda-fetching robots
Russia fines streaming site Twitch over 31-second 'fake' video - agencies
Redwire to launch first commercial space greenhouse in 2023
Metals logistics platform Minehub signs up Sumitomo Corp
Losses from crypto hacks surged 60% to $1.9 billion in Jan-July -Chainalysis
Germany: One dead, nine injured after test car veers into traffic
Buy-now-pay-later firms switch from Gen Z shoppers to businesses
Apple supplier BOE, others say operations hit by Sichuan power rationing
China-born scientist targeted by US ‘discovers world’s best semiconductor’

Others Also Read