Experts from VTB Bank have warned about a new fraud scheme: fraudsters have started calling their potential victims under the guise of bank technical support, offering to install an application on their smartphone to supposedly search for vulnerabilities. In reality, they are installing malicious software.
In the first stage, scammers, posing as specialists from the bank's technical support, contact the client. Calls are made through any communication channel, but mainly in messengers. For credibility, the bank's logo or the signature "Tech. Support" is used. The client is informed that new connected devices or fraudulent transactions have been noticed in their online banking application. Next, they are offered to download a supposedly "certified application" from the bank to check the phone for vulnerabilities, and a link to a phishing site with detailed instructions is sent, explaining how to install the application.
In reality, the application does not search for any vulnerabilities. It is a program for remote control of an Android smartphone. With the help of this software, attackers gain full remote access to the device, including confidential information and online banking data. After that, attempts to steal funds from accounts begin.
VTB notes that real bank employees will never ask a user to install any additional applications on their smartphone. And to protect yourself from calls from scammers in WhatsApp and Viber, you can install automatic caller ID from Yandex.
