In the book, Is My Cell Phone Bugged? (just available this week), the chapter Spyware Scams, Misleading Notions & “Experts” warns readers about people who are taking advantage of them. This update is about a new scam.
Summary: Phoney anti-virus program attacks cell phone. Scam'er makes money.
via CA Security Advisory Research...
"We have seen countless number of rogue security products for Windows platform however this one is targeted to trick mobile users.
The sample masquerades itself as a certain AV (a bogus Kaspersky anti-virus program) for mobile and always reports that it has identified two threats in the mobile and pretends that it has encountered an error while trying to cure. It provides the users an error code as a reference token of the error scenario.
This sample is supposedly spread by some social engineering tricks where the users would have been provided with support numbers/email id to contact to resolve these error codes displayed in screen 5. This info was missing to conclude how the malware authors were actually getting the money.
As mentioned in our earlier blogs, the best defense against such social engineering tricks is the education of users coupled with a mobile security solution. With the exponential growth of the smart phone market, it is expected such kind of threats will be growing proportionately.
We advise users to exercise basic security principles while surfing and be skeptical of free downloads, and as always keep your security products up to date." (more)
The sample masquerades itself as a certain AV (a bogus Kaspersky anti-virus program) for mobile and always reports that it has identified two threats in the mobile and pretends that it has encountered an error while trying to cure. It provides the users an error code as a reference token of the error scenario.
This sample is supposedly spread by some social engineering tricks where the users would have been provided with support numbers/email id to contact to resolve these error codes displayed in screen 5. This info was missing to conclude how the malware authors were actually getting the money.
As mentioned in our earlier blogs, the best defense against such social engineering tricks is the education of users coupled with a mobile security solution. With the exponential growth of the smart phone market, it is expected such kind of threats will be growing proportionately.
We advise users to exercise basic security principles while surfing and be skeptical of free downloads, and as always keep your security products up to date." (more)
Is My Cell Phone Bugged? comes with free updates. For now, the updates will be posted here. Eventually they will only be available to purchasers, via private email.