“Smishing” Malware Uses Missed-Delivery Notification To Lure Victims

PSafe’s dfndr lab has uncovered details about “Fakespy”, malware that has a history of enticesing  victims by promising information about a missed delivery via an SMS message. Phishing via SMS is also known as “Smishing.” And a third type of trap, “Vishing,” uses voice data. …Now you know.  We hope these terms serve as a reminder that hackers are always inventing new approaches for getting your personal information, and they’ll use any avenue open to them. Fakespy also shows that old malware code and scams are constantly being refurbished or re-used in new venues. 

How Fakespy Entices Users

“Hackers are always looking for our soft spots,” remarks Emilio Simoni, PSafe’s dfndr lab Research Director “and FakeSpy uses the natural excitement people have for receiving a package of some kind. Most people immediately want to know who sent you something, and what you might have received.”

Typically, this malware loads via a fake app posing as the website for your country’s mail service — in America, the USPS; in England, the Royal Mail, and so on.  The fake app is designed to look like the real thing, and once it downloads and the fake transaction is completed, it actually passes the user on through to the real USPS site, to avoid detection. Meanwhile, the malware has loaded, and a broad host of information stealing is underway: financial information, account information, app information, contact lists — Fakespy can even read other SMS messages.  And, like most malware, Fakespy immediately begins its work to replicate itself by sending offers to its victims’ contact lists.

Permissions Required Provide a Warning…

“It’s a very sophisticated and still evolving malware,” Simoni warns, “the people behind it have been refining its design for some time now.” One strong warning-sign is that the app asks for extensive permissions — but many users have grown accustomed to approving these for sites they trust. “If the enticement of a missed package works and the fake mail-delivery site is compelling, it’s easy to see how victims can get manipulated,” Simoni says.

What Can You Do To Stay Safe?

“The first thing to remember is that hackers are using every venue available to them to get their software on your devices,” Simoni explains. “Add smishing and vishing to your malware vocabulary and keep in mind that callers and texters may not always be who they appear to be— or say they are.”  

However hard you work to stay informed, a good protection solution — with a team behind you, is almost essential to stay one step ahead of all the various threats evolving in the digital landscape.  

The Best Protection, For The Worst Threats

An excellent way to protect yourself is to always keep a security installed on your phone. dfndr security offers a full suite of security capabilities that can protect you not only from digital threat, but from everyday thieves as well. Click here to install for free.

(Remember, they steal devices and data too!) 

These are the features dfndr security Pro offers to protect you:

Safe App Installer: AUTOMATICALLY protects you from malware and apps known to have had data breaches — before you install them.

App Privacy Scan: You can locate on a map where your app data is going and how it might be used by third-parties.

Unlimited Identity Theft Reports: These reports provide an “outer-perimeter” defense, looking out for privacy vulnerabilities beyond your own device. These reports reveal if any of your information has been leaked, with a one-click check of a database with over 4 billion compromised credentials. 

Anti-theft Protection: Protects against physical loss that leads to data loss: in case of theft or loss of your device, you can lock it down remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Ad-Free: As an extra bonus, Pro is totally ad-free.

Stay Safer!

With dfndr security in your toolbox, the rest is a matter of staying as aware as you can.  Follow a few simple rules to avoid and minimize digital damage:

• Take extra care with any link from an unknown source — and be extra wary if it promises a surprise of some kind. Check your curiosity!
• Don’t click on any links sent to you via email or SMS from unknown people.  And if you get a link from somebody you know, ask: WHY would he / she send me this?
• Only download or install software from trusted sources!
• Make sure you do regular backups on your machines!

Be careful, and we’ll keep you informed as always, whenever we hear more about Fakespy, or any other major threats!