{"id":20766,"date":"2020-07-07T14:27:18","date_gmt":"2020-07-07T18:27:18","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=20766"},"modified":"2022-04-27T14:50:14","modified_gmt":"2022-04-27T18:50:14","slug":"fakespy","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/fakespy\/","title":{"rendered":"\u201cSmishing\u201d Malware Uses Missed-Delivery Notification To Lure Victims"},"content":{"rendered":"

PSafe\u2019s dfndr lab has uncovered details about \u201cFakespy\u201d, malware that has a history of enticesing\u00a0 victims by promising information about a missed delivery via an SMS message. Phishing via SMS is also known as \u201cSmishing.\u201d And a third type of trap, \u201cVishing,\u201d uses voice data. \u2026Now you know.\u00a0 We hope these terms serve as a reminder that hackers are always inventing new approaches for getting your personal information, and they\u2019ll use any avenue open to them. Fakespy also shows that old malware code and scams are constantly being refurbished or re-used in new venues.\u00a0<\/span><\/p>\n

How Fakespy Entices Users<\/b><\/h3>\n

\u201cHackers are always looking for our soft spots,\u201d remarks Emilio Simoni, PSafe\u2019s dfndr lab Research Director \u201cand FakeSpy uses the natural excitement people have for receiving a package of some kind. Most people immediately want to know who sent you something, and what you might have received.\u201d<\/span><\/p>\n

Typically, this malware loads via a fake app posing as the website for your country\u2019s mail service \u2014 in America, the USPS; in England, the Royal Mail, and so on.\u00a0 The fake app is designed to look like the real thing, and once it downloads and the fake transaction is completed, it actually passes the user on through to the real USPS site, to avoid detection. Meanwhile, the malware has loaded, and a broad host of information stealing is underway: financial information, account information, app information, contact lists \u2014 Fakespy can even read other SMS messages.\u00a0 And, like most malware, Fakespy immediately begins its work to replicate itself by sending offers to its victims\u2019 contact lists.<\/span><\/p>\n

Permissions Required Provide a Warning\u2026<\/b><\/h3>\n

\u201cIt\u2019s a very sophisticated and still evolving malware,\u201d Simoni warns, \u201cthe people behind it have been refining its design for some time now.\u201d One strong warning-sign is that the app asks for extensive permissions \u2014 but many users have grown accustomed to approving these for sites they trust. \u201cIf the enticement of a missed package works and the fake mail-delivery site is compelling, it\u2019s easy to see how victims can get manipulated,\u201d Simoni says.<\/span><\/p>\n

What Can You Do To Stay Safe?<\/b><\/h3>\n

\u201cThe first thing to remember is that hackers are using every venue available to them to get their software on your devices,\u201d Simoni explains. \u201cAdd smishing and vishing to your malware vocabulary and keep in mind that callers and texters may not always be who they appear to be\u2014 or say they are.\u201d\u00a0\u00a0<\/span><\/p>\n

However hard you work to stay informed, a good protection solution \u2014 with a team behind you, is almost essential to stay one step ahead of all the various threats evolving in the digital landscape.\u00a0\u00a0<\/span><\/p>\n

The Best Protection, For The Worst Threats<\/b><\/h3>\n

An excellent way to protect yourself is to always keep a security installed on your phone. <\/span>dfndr security offers a full suite of security capabilities that can protect you not only from digital threat, but from everyday thieves as well. Click here to install for free.<\/a><\/strong><\/span><\/p>\n

(Remember, they steal devices and data too!)\u00a0<\/span><\/p>\n

These are the features dfndr security Pro offers to protect you:<\/b><\/p>\n

Safe App Installer: <\/b>AUTOMATICALLY protects you from malware and apps known to have had data breaches \u2014 before you install them.<\/span><\/p>\n

App Privacy Scan:<\/b> You can locate on a map where your app data is going and how it might be used by third-parties.<\/span><\/p>\n

Unlimited Identity Theft Reports: <\/b>These reports provide an \u201couter-perimeter\u201d defense, looking out for privacy vulnerabilities beyond your own device. These reports reveal if any of your information has been leaked, with a one-click check of a database with over 4 billion compromised credentials<\/span>.\u00a0<\/b><\/p>\n

Anti-theft Protection: <\/b>Protects against physical loss that leads to data loss: in case of theft or loss of your device, you can lock it down remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.<\/span><\/p>\n

Ad-Free: <\/b>As an extra bonus, Pro is totally ad-free.<\/span><\/p>\n

Stay Safer!<\/b><\/h3>\n

With dfndr security<\/strong><\/a> in your toolbox, the rest is a matter of staying as aware as you can.\u00a0 Follow a few simple rules to avoid and minimize digital damage:<\/span><\/p>\n