An app called Letscall has tricked Android users into phishing scams that can steal your banking and personal information.
ThreatFabrics, a tech company founded to identify hacking and phishing scams, said it identified the Android app that was causing the malware.
The technology company announced that Letscall contains this malware that collects your personal information and performs financial fraud.
Letscall infection begins when a victim visits a phishing website that impersonates a page on the Google Play Store.
When an Android user clicks the link to download the app, malware is sent to their phone.
ThreatFabric said it’s unclear how victims were tricked into visiting the phishing site, but likely it was through spam text or email messages.
In this case, a phishing scam attacked Android users after they downloaded an app that delivered malware to their phones.
However, phishing scams can also happen through text messages and phone calls.
ThreadFabrics said in the case of Letscall, the malware steals your personal and financial information by taking control of your Android device’s calling function.
The phishers can then make calls impersonating a financial institution.
Most read in “Phones and Gadgets”.
The call is then diverted to the scammer’s own call center when the victim tries to call their bank.
ThreatFabrics said this scam has only happened in South Korea so far.
They said that this malware’s abilities might attack other Android users as well.
“In other words, we are dealing with a ready-to-use framework that could be used by any threat actor as it contains all the instructions and tools to operate the affected devices and communicate with the victims,” said ThreatFabric.
It has yet to be determined who exactly is causing this scam via Letscall. Therefore, it is important to stay alert for possible phishing malware opportunities.
To avoid this Letscall infection, Android users should deny accessibility service access to suspicious apps.