Maybank warns of malicious SMSSpy campaign targeting Android users in Malaysia

Victims will be told to make payment to unfreeze their accounts and instructed to download the malicious app to complete the payment process. — Photo by Gilles Lambert on Unsplash

PETALING JAYA: Maybank has released an alert urging customers to refer to an advisory by the Malaysia Computer Emergency Response Team (MyCert) about the latest fraud campaign, known as SMSSpy, which is targeting Internet users in the country.

According to MyCert, cybercriminals are using the Android malware to steal victims’ online banking credentials.

“Once installed, this malicious app is able to view any SMS sent to the mobile phone, which includes obtaining TAC numbers to perform Internet banking transactions,” Maybank said in the post on Facebook.

ALSO READ: Bank scams increasingly targeting mobile users, says cybersecurity firm

A report by cybersecurity research firm WeLiveSecurity claimed that SMSSpy targeted Malaysian users exclusively when it was first identified in late 2021. It added that a campaign was launched to target customers of popular banks in Malaysia by exploiting the trend of online shopping via smartphones.

“Instead of phishing for banking credentials on websites, the threat actors have introduced Android applications into the chain of compromise, thus making sure they have access to 2FA (two-factor authentication) SMS messages the victim is likely to receive,” WeLiveSecurity said in its report.

To convince users to download the malicious app, MyCert said cybercriminals will typically pose as a person from a law enforcement agency and call victims to inform them that they have been involved in a criminal activity and that their accounts will be frozen.

ALSO READ: 75-year-old in SG lost S$1mil in China officials impersonation scam

The victim will then be told to pay a sum of money to unfreeze their accounts, and thus instructed to download the malicious app to complete the payment process.

MyCert added that cybercriminals are also deploying fake websites impersonating legitimate companies and placing ads on Facebook to persuade potential victims to visit these malicious websites, which aim to trick potential victims into both downloading the malicious Android malware and divulging their personal banking information.

According to MyCert, all eight fake websites impersonated services only available in Malaysia to target victims, namely Grabmaid, Maria's Cleaning, Maid4u, YourMaid, Maideasy, MaidACall, MyMaidKL and Petsmore.

To avoid financial losses and disclosure of personal data, MyCert urged smartphone users to always verify an application’s permissions and the app’s author or publisher before installing it, and to never click on suspicious links sent via SMS or messaging services.

Users should also only download apps from a trusted app marketplace and ensure their device’s operating system and apps are updated regularly. They are also urged to contact Cyber999 for any enquiries or assistance related to this threat.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News

Opinion: What we lose when ChatGPT sounds like Scarlett Johansson
IBM makes more AI models open source and lands Saudi Arabia deal
Hong Kong’s John Lee warns taxi drivers against targeting Uber with sting operations
Scarlett Johansson said no, but OpenAI’s virtual assistant sounds just like her
US flight attendant pleads not guilty to attempting to record teen girl in airplane bathroom
Sanofi partners with OpenAI, Formation Bio on AI-driven drug development
Google attacks Microsoft cyber failures in effort to steal�customers
Nvidia earnings could spark $200 billion swing in shares, options show
Apple releases iOS 17.5.1 update to fix bug that caused deleted photos to return
RHB introduces Apple Pay support, offers up to a total of RM90 cashback until July 31

Others Also Read