National Cyber Coordination and Command Centre (NC4) and MyCERT has received numerous reports of smartphones users being infected with malware through a phishing campaign involving Bank Negara Malaysia (BNM).
Loss of money of the affected victims, disclosure of personal information to unknown parties may escalate to further scams.
The scammer had disguised as law enforcement officers and made several telephone calls to the victims, claiming that the victims have been involved in money laundering activities. The scammer will then force the victim to cooperate and threaten them with an arrest warrant, later forcing them to download and install an unknown application.
The victim will then be provided with a malicious URL to download the apps through messaging service or telephone call if the victim fail to do so. Subsequently, victim found out that their money has been illegally transferred from their account. The modus operandi for the scam can be summarized in Figure 1 below.
A page with BNM's logo will be displayed when the victim clicked on the given link. Victim will then be led to click on the logo to download an application and install it on their device as in Figure 2 & Figure 4.
The application which disguised as a legitimate BNM application will require the victim to fill in their online bank credentials as in Figure 3 & Figure 5. It is suspected that, this is the method the scammer used to harvest victim's credential and subsequently gaining access to victim's bank account to perform money transfers.
The IP address and URLs used to spread the malicious installer has been identified and taken down now by the relevant authorities.
We advise members of the public to perform the following actions:
Source : National Cyber Coordination and Command Centre (NC4) Official Website