[Lex Computer & Tech Group/LCTG] Crooks hijacking calls to banks?

Thu Oct 19 15:02:00 PDT 2023

Gentlepeople,
As a followup and apologies for Yet Another Email: I've found out more
information; it may be caused by Android malware.  (If you have an iPhone
then (as far as I can see) you would not be affected, it affects Android
phones.)

My brief search gave me info that there's malware that may be the cause.
Victim's Android phone somehow gets infected with the Android.Fakebank
malware; this then redirects any calls the victim dials to telephone number
X (legit bank number) to another telephone number Y (crook's phone).
Apparently this sort of thing has been around since 2013.

See:
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/fakebank-intercepts-calls-banks
https://acgbizj3.advisorproducts.com/insights/consumer-alert-crooks-are-intercepting-calls-to-bank-phone-numbers-on-back-of-credit-cards-7
(I didn't watch the video)
https://www.bleepingcomputer.com/news/security/android-malware-intercepts-phone-calls-to-connect-banking-users-to-scammers/
https://www.digitaltrends.com/mobile/android-trojan-call-block/

On Thu, Oct 19, 2023 at 5:31 PM Steve Isenberg <smisenberg at gmail.com> wrote:

> Gentlepeople,
> I received an email today from a respected professional who said that
> there is a new danger when you call the telephone number on the back of
> your credit card.  There are apparently people who have found out how to
> hijack these numbers, so that when you think you are calling your bank you
> are instead calling a crook.
>
> Question: are you aware of any technology, methodology, back-door, or
> fault in some system(s) that allows this?
>
> My source says that to protect yourself, when you call, ask them to tell
> you something that they can only know about you if they have legitimate
> access to your account information, like the amount of your last deposit.
>
> Thanks for your insight,
> -steve
>
> PS: From my source's message:
> Some people have figured out how to hijack the phone numbers on the back
> of bank and credit cards, and probably phone numbers that you would find on
> a legitimate bank or credit card or other company website.
>
> [A woman] got a call from “Microsoft”, claiming that she had a charge of
> $2000 that had been “pre-authorized” by her bank. The caller said, look,
> you don’t have to trust me, call your bank to verify.
>
>
>
> [She] called the number on the back of her bank card, and got a “bank
> official” who tried to walk her through a familiar scam, asking her to
> withdraw her money from her bank account so that the “pre-authorized”
> charge would not be able to be withdrawn, and to bring the money to a
> bitcoin machine. Fortunately, she realized that something was very wrong,
> and stopped the process and asked for help.
>
>
> My source cited
> https://moneyful.com/blog/yikes-crooks-are-intercepting-calls-to-bank-phone-numbers-on-back-of-credit-cards
>
> Snopes does not know about this, yet.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.toku.us/pipermail/lctg-toku.us/attachments/20231019/b34f95f7/attachment.htm>