A new security alert was issued related to the FakeCall malware that’s hijacking outgoing calls from users to their bank.
These attackers are trying to redirect the calls to their numbers instead — to steal sensitive credentials and funds from bank accounts. For those who might not be aware, FakeCall is another name given to banking trojans that focus on matters like voice phishing.
This is where victims end up getting deceived via fraudulent calls that impersonate the banks and request them to add sensitive details.
The matter regarding the dangerous trojan was first spotted in April 2022, including how real it sounded to those on the receiver’s end. Victims kept on getting tricked into assuming the call was actually from the bank.
Then another warning arose regarding FakeCall last year through a security report by CheckPoint. It proved how the software could mimic more than 20 financial institutions. At the same time, it was targeting people with scams like cheaper loans at low interest rates and even new evasion schemes to decrease detection rates.
Additionally, matters like voice phishing could capture live audio and video streams from devices infected. This enables attackers to steal data which was sensitive without having victims interact in between.
In case you’re wondering about hijacking calls, the software would prompt users to contact the bank via apps that mimic them. Fake screens would display the real number of the bank where victims were linked to scammers.
The newest version showed how such fake apps set themselves up as being the default call handler. They ask the user to approve the action after downloading apps via Android APK.
In the end, call handlers on the Android end manage all the calls and serve as the main linking point that dials, connects, and ends the phone call.
While malware prompts users to set them as default for call handling, it attains permission to intercept them and manipulate both those calls that come in and those going out.
Fake calls interface also mimic the real Android dialer and display trusted contact details with names. This elevates deception levels to an area that victims cannot differentiate real from fake.
It’s all very dangerous because when users try to make a call to the bank, they’re not aware of the call hijacking process taking place behind the scenes. It’s redirected to attackers’ number instead. All users get deceived in the end and display fake UI which appears as real on the Android interface displaying the real bank’s number.
This whole that they’re manipulated, users have no idea of what’s taking place. The fake UI will copy the real banking experience. This enables attackers to remove sensitive data and gain unauthorized access to bank accounts under the users’ ownership.
Image: DIW-Aigen
Read next: Microsoft's Q1 2025 Earnings Soar; LinkedIn Up 10%, Cloud Revenue Climbs 22%
These attackers are trying to redirect the calls to their numbers instead — to steal sensitive credentials and funds from bank accounts. For those who might not be aware, FakeCall is another name given to banking trojans that focus on matters like voice phishing.
This is where victims end up getting deceived via fraudulent calls that impersonate the banks and request them to add sensitive details.
The matter regarding the dangerous trojan was first spotted in April 2022, including how real it sounded to those on the receiver’s end. Victims kept on getting tricked into assuming the call was actually from the bank.
Then another warning arose regarding FakeCall last year through a security report by CheckPoint. It proved how the software could mimic more than 20 financial institutions. At the same time, it was targeting people with scams like cheaper loans at low interest rates and even new evasion schemes to decrease detection rates.
Additionally, matters like voice phishing could capture live audio and video streams from devices infected. This enables attackers to steal data which was sensitive without having victims interact in between.
In case you’re wondering about hijacking calls, the software would prompt users to contact the bank via apps that mimic them. Fake screens would display the real number of the bank where victims were linked to scammers.
The newest version showed how such fake apps set themselves up as being the default call handler. They ask the user to approve the action after downloading apps via Android APK.
In the end, call handlers on the Android end manage all the calls and serve as the main linking point that dials, connects, and ends the phone call.
While malware prompts users to set them as default for call handling, it attains permission to intercept them and manipulate both those calls that come in and those going out.
Fake calls interface also mimic the real Android dialer and display trusted contact details with names. This elevates deception levels to an area that victims cannot differentiate real from fake.
It’s all very dangerous because when users try to make a call to the bank, they’re not aware of the call hijacking process taking place behind the scenes. It’s redirected to attackers’ number instead. All users get deceived in the end and display fake UI which appears as real on the Android interface displaying the real bank’s number.
This whole that they’re manipulated, users have no idea of what’s taking place. The fake UI will copy the real banking experience. This enables attackers to remove sensitive data and gain unauthorized access to bank accounts under the users’ ownership.
Read next: Microsoft's Q1 2025 Earnings Soar; LinkedIn Up 10%, Cloud Revenue Climbs 22%
