What it is?
A malware scam involves scammers using harmful software (malware) that secretly installs itself on your device to steal funds from your account and commit identity theft.
How it works?
1. Scammers send a malicious APK file through email or chat platforms, often disguised as a link or attachment. They may claim it's an important document, update, or app that needs immediate attention.
2. When the victim clicks on the link or attachment, the APK file prompts them to download and install an application on their phone. The app might appear to be legitimate, making it harder for the victim to suspect foul play.
3. Once installed, the app will ask for various permissions, such as the ability to monitor your device, access other applications, and recognise gestures. These permissions are crucial for the scammers to gain full control over the phone.
4. With these permissions granted, the scammers can remotely access and control the victim's phone. This includes reading messages, accessing personal information, and even making unauthorised transactions.
5. The malicious app may also display a fake payment page designed to capture sensitive information.
What do I do?
1. Be cautious when receiving links or attachments from unknown sources, even if they appear to come from someone you know. Always verify the source before downloading any file.
2. Only install apps from trusted sources like the Google Play Store and App Store. Avoid downloading APK files from links sent through emails or chats.
3. Install reputable security software on your device to detect and block malware. Regularly update your phone’s operating system and apps to protect against vulnerabilities.