A new malware campaign is surfacing, targeting users in Finland by using tricks, compelling users to install a fake McAfee app on their Android device which is a malware in disguise.
The scam begins with a text message instructing the recipient to call a specific phone number, where they are asked to install an app to protect them from hackers.
However, this app is not from the Google Play Store or any other official app store and requires sideloading, a major red flag. This malware app resembles the recent Vultur Banking Trojan campaign, which uses smishing and phone call attacks to convince victims to download a malicious app. If installed, the malware can wipe out bank accounts, as a victim has already lost $100,000 through this scam.
Read more: Gemini AI to undertake cybersecurity with Google Threat Intelligence
Android users who have accidentally installed this McAfee malware app are encouraged to reset their device’s Android settings and contact their bank immediately to enable protection measures for account safety.
How to stay safe from Android malware
To be safe, users need to be careful when installing new apps. Never sideload apps, and always check ratings and reviews before using any app. Use the official app store to download any app instead of downloading it from an Android APK file. Pay attention to the permissions requested and policies highlighted by the app, beware of Play Protect and consider installing a reputable Android antivirus app for added protection.
Additionally, be wary of text messages or phone calls from unknown numbers, and never provide personal information or click on suspicious links. Keep device and app operating systems up-to-date, and use strong passwords and two-factor authentication.