|
|
HOW DOES THE SCAM WORK?
|
|
Scammers
pretend to be
online
sellers
seeking to sell
products at a
discounted price.
Upon clicking the
scam
advertisement/promotions
on social media,
victims receive a
download link
(commonly in APK
format) via
chat/email inbox for
them to supposedly
make a payment,
which ultimately
goes to the scammer.
|
|
|
|
During
the installation
process, the new
app will request
certain mobile
device
permissions
which includes the
SMS services.
|
|
|
|
When
the victim
attempts to make
payment from the
app, they will
be directed to a
fake lookalike
bank
webpage
that allows the
scammers to obtain
the victim’s bank
account details when
the victims key in
their login
credentials into it.
|
|
|
|
As
scammer gains
control of the
login
credentials and
the SMS
service,
they are now able to
perform illegal
transfers unknown to
the victim.
|
|
|