Google Chrome Scam – Android users are being warned
Android smartphone users should be on the lookout for another scam circulating around the world. This nasty new security threat tries to trick users into downloading malware via a fake Chrome update. With this web browser still the most popular in the world, it seems cyber thieves are using Chrome’s massive appeal in an attempt to fool as many people as possible.
According to the mobile security team at Pradeoenters the attack on devices via a fake text message that suggests users must pay customs fees to release a package with their name on it. A link is included in the text and, once clicked, suggests that their version of Chrome needs to be updated before the transaction can take place.
Anyone who agrees to the update is essentially downloading malware that can monitor the device and steal information, including bank details and credit card numbers.
To go unnoticed, the malware hides on mobile devices using the icon and name of the official Chrome app, but the package, signature, and version have nothing in common with the official app.
The worst part is that the malware then starts sending messages to other phones from the infected device. This mechanism ensures a successful propagation of the attack campaign.
READ MORE: Amazon is upgrading its Echo with new features, better sound, and a hidden security camera
“The cybercriminal behind this campaign is doing his best to stay under the radar of mobile security solutions,” said Roxane Suau of Pradeo.
First, they use the victims ‘phone numbers to speed up phishing SMS, to ensure that they are not blocked by the messaging apps’ spam filter.
Second, the malware uses obfuscation techniques and calls for remote code to hide its malicious behavior, thereby evading most threat detection systems.
“Third, once the app is identified and referenced by most antivirus programs, the cybercriminal simply repackages it with a new signature to get it back under the radar.”
Unfortunately, this type of attack appears to be on the rise with a number of similar threats announced in recent weeks.
If you have a mobile number in the UK, chances are you’ve received some fraudulent text messages in recent weeks about deliveries from couriers such as DHL, Hermes, Post Office and more. The widespread threat is so serious that all the major UK networks, including EE, Vodafone and Three, have sent warnings to customers urging them not to be fooled by the scam.
It is worth noting that this attack only works on Android as Apple does not allow external files to be downloaded and installed.
Check all Technology News here: Gaming Ideology