THE STRAITS TIMES – The Malaysian police have discovered a new tactic by scammers to steal money from victims’ bank accounts through an Android Package (APK) download.
Federal Commercial Crime Investigation Department director Mohd Kamarudin Md Din said scammers could hack into a victim’s phone after gaining access through an APK file downloaded by victims who “purchased” items online.
He said scammers would advertise items for sale on social media so that those who were interested would contact the “sellers” via WhatsApp.
“They will be instructed to download and install on their mobile phones an APK file link containing a fake application.
“The application will then take over the buyer’s existing SMS system, and the buyer has to register and fill in personal and banking details before they can use the application.
“After pressing the ‘send’ button, an error message will be shown as the application is not linked to any legitimate banking sites,” Mohd Kamarudin said at a press conference
Mohd Kamarudin said the process was merely to give scammers access to the content of the buyer’s SMS and banking details.
“With enough information, the scammers can transfer money from the buyer’s account without their knowledge,” he said.
He said the police have detected five such cases so far, with losses amounting to MYR58,844 (BND18,900).