Scammers will always come up with new ways to trap victims, and all we can do is be extra careful while giving out our personal information to any unknown external sources.
On 31 January, a netizen named Alan Lee has published a Facebook post to share his knowledge about a phone scam case and urged netizens to not simply download mobile applications from unreliable sources.
“I came across a post about the case of a ‘phone fraud’ today. Due to my curiosity, I went to get the application from the victim and download it on my computer to do some code reverse,” he wrote.
He also warned the netizens not to download the application on their phone just because they are curious about it. He said he made the post only to explain why the application is so strong and how it can be used to scam people.
“First of all, the victims will say that they didn’t even receive the Transaction Authorisation Code (TAC) from the bank. Thus, how could they change my bank account password?” he wrote.
This is the mobile application as mentioned.
Alan then explained in his post,
“The answer is in this application. Basically, when you install this application into your mobile phone, all the SMS you receive will be automatically be forwarded to the ‘Scam Team’. This is because this application consists of some SuperUser (SU) permission, which allows them to read/send SMS, access your GPS location, and access your contact list.
“When you key in your bank account information into the application, their team will be able to log in to your bank account and change the password, as well as to change your limit and transfer all your money from your bank account. This happens because they already have your Identity Card (IC) and they are able to receive your TAC.
Alan also mentioned that he has found an Internet Protocol (IP), believed to be the backend Application Programming Interface (API) of the scam team. He has also reported the scam to the Malaysia Communications And Multimedia Commissions (MCMC).
Alan wrote,
“I hope that they can block these IP / websites throughout Malaysia. However, blocking them might just be a temporary solution as they can change and replace the new server at any time. Nonetheless, I hope that this post will be able to urge everyone not to download mobile applications from other sources except for Google Play Store and the Apple App Store!”
“Please do remind your family and friends around you, especially elderly people”
Alan also told World of Buzz that, this mobile application is an Android application that you can download into your phone via the Hoax URL page. However, he is unsure if it is available in Apple App Store as the victim only provided him with the link for the Android version. Please take note that it is strongly discouraged to download this application out of your curiosity if you do not know the consequences behind it.
As Alan says, please do not download the mobile applications from unreliable sources!
Also read: Beware! M’sian Shares Traumatising Experience Of Being Scammed RM15K By “LHDN” & “PDRM”
