But in fact, this is a program for remote control of a smartphone
VTB Bank spoke about another dangerous fraudulent scheme: attackers call customers, introduce themselves as “technical support specialists” and offer to install the bank’s “official” application on their smartphone to check the device and search for vulnerabilities. After installing such an application, fraudsters get remote access to a smartphone and try to withdraw money from an online bank. VTB experts note that such calls can come through any communication channel, but mostly scammers call instant messengers. Calls via messengers are free, they can also be automated for massive attacks, plus there is the ability to hide the phone number and show the name of the organization or logo.
Fraudsters have learned to pretend to be technical support of the bank
For persuasiveness, attackers use the bank logo or the signature “Tech. support”. The client is informed that new connected devices or fraudulent transactions have been noticed in the personal account of his banking application. Then he is offered to download the bank’s “certified application” for checking his phone for vulnerabilities and is sent a link to a phishing site with installation instructions. After installation, the user is prompted to launch a new program, inform the “operator” of the identification number (which is the access code) and open their mobile bank.
As a result, fraudsters gain remote access to the device and confidential information on it, including online banking data, after which they begin attempts to steal funds. The application that the attackers are asking to install is actually a remote control program for Android devices. According to VTB experts, if earlier the victim was offered to go to the app store and download a third-party program, now the scammers have learned to create websites themselves and develop fake “tech support” applications that mimic banking services.