Cops warn public of new scam using Android app
KUALA LUMPUR: Police have uncovered a new tactic by crooks to steal money from victims’ bank accounts via an Android package (APK) download.
The Director of the Federal Commercial Crime Investigation Department (CCID), Comm Datuk Mohd Kamarudin Md Din, said that crooks can hack into a victim’s phone after gaining access to it through an APK file uploaded by the victims who have “purchased” items online.
He said the scammers would advertise items for sale on social media so those who were interested would contact the “sellers” via WhatsApp.
“They will be instructed to download and install on their mobile phones an APK file link containing a fake application.
“The app will then take over from the buyer’s existing SMS system, and the buyer will need to register and fill in their personal and bank details before they can use the app.
“After pressing the ‘send’ button, an error message will be displayed because the app is not linked to any legitimate banking site,” he told a press conference yesterday.
Comm Mohd Kamarudin said the process was simply to give the scammers access to the content of the SMS and the buyer’s bank details.
“With enough information, scammers can transfer money from the buyer’s account without their knowledge.
“So far, five cases have been detected, with losses amounting to RM58,844.
“Three of the cases were detected in Johor, while one each was reported in Penang and Sabah,” he added.
Comm Mohd Kamarudin advised the public not to download APK files sent to their cell phones by strangers.
“Never install APK applications from illegitimate sources.
“The security of the SMS system of the phone should always be protected as it will receive an OTP (one-time password) from various applications installed on mobile phones.
“Never install SMS apps from untrusted sources,” he said.
The public can call the CCID Scam Response Center on 03-2610 1559/1599 for more details or advice.