Malicious Malware Monitoring You

adtadmin September 16, 2016
hacker-proof telephones

Don’t fall for ‘spoofing’

A local resident recently spoke with his dental office on his smartphone.  After disconnecting, his smart phone began to ring again.  The caller identified herself as being from his dental office and demanded a credit card payment.  Something wasn’t right, as he had JUST spoken with them.  He quickly double-checked the Caller ID (spoofed Caller ID) to verify it listed his dental office as the caller.spoofing hacker-proof telephones

He wisely disconnected the call and went to the office to ask the staff about the situation. The staff had indeed NOT made the second (payment demand) call to the patient.  The call looked legitimate to the patient, but something was clearly not right.
Upon contacting his cellular provider, the patient discovered his phone had actually been infected by a Malware/Spyware Trojan that was capturing his phone calls and text messages.
Caller ID spoofing is the practice of causing the telephone network to indicate to the receiver of a call that the originator of the call is a station other than the true originating station. For example, a Caller ID display might display a phone number different from that of the telephone from which the call was placed. The term ‘spoofing’ is commonly used to describe situations in which the motivation is considered malicious by the speaker or writer.

Here is how this Spyware works:

The Malware/Spyware is installed on the smart phone by masquerading as “Android security”. The spyware payload can be delivered to the smart phone device through many methods but is primarily dropped onto the device disguised as a security update. There are warning signs such as the application requesting elevated permissions which appears as a prompt for the user to accept. DO NOT ACCEPT unless you have verified the legitimacy of the update with your cellular provider.

Once the Spyware is attached to the smart phone, it monitors the incoming and outgoing phone calls and text messages. This malware captures caller ID information and called numbers.  The collected information is then sent to a ‘command and control (CnC) server’ where the hackers harvest the data and implement some kind of Social Engineering Scheme such as the above described event where the Hacker pretended to be the dental office demanding payment.

Three things you can do to avoid and protect against these threats:
  1. Never give out any information over the phone from an incoming call.  Always initiate the call back to the calling party using their published number.
  2. Protect your mobile devices (Android AND iPhone) using mobile security software such as Lookout mobile. We do, and there is a no-cost version.
  3. If you are conducting business on your smart phone, you should have a professional managing the updates and security just like you do for your business office computers. Smart phones ARE computers, and are more vulnerable because they are mobile and typically not as well protected.
These hackers are bold.  They use easy to configure systems that mask the caller ID information.  Their calls appear legitimate because the Caller ID lists someone you know or trust.  Be wise – if something about the call isn’t right, act quickly!

 

Contact Action DataTel at 541.494.2099 for more information about mobile device management (MDM) to protect your smartphones and tablets. 

We like helping people stay secure!

Eric