Monday, May 23, 2022
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Security

Banking Phishing Scam Found Impersonating Several Malaysian Apps

Targeting cleaning services and a pet store.

by Ikmal Rozlan
April 8, 2022
phishing scam

[Image: mohamed_hassan/Pixabay]

219
SHARES
4.4k
VIEWS
Share on FacebookShare on Twitter

Slovakian cyber security firm ESET Research has published a report detailing how malicious Android apps have been targeting customers of eight Malaysian banks. The campaign has been ongoing since late 2021 and apparently uses fake apps and websites of legitimate Malaysian companies to phish for banking credentials.

It was first identified when a Facebook user shared his experience of almost being scammed through an app impersonating the legitimate company Maid4u. Since then, a total of seven websites have been attributed to the impersonation campaign with the majority of them being cleaning services: Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy and MaidACall, and a pet store named PetsMore.

banking phishing scam fake e-shop app
Grabmaid: legitimate website on the left, copycat on the right. [Image: welivesecurity]

The copycat websites will direct users to download apps from the Google Play Store, although the buttons will instead lead the unsuspecting victims to servers under the scammers’ control. The attack will prompt users to enable “Install unknown apps” on their phones.

ADVERTISEMENT

The campaign is quite sophisticated as it will ask users to sign in after installing the app, though there’s no actual account validation and any input will be declared correct. The fake e-shop matches much of the interface of the real store and during checkout, presenting victims with an option to pay with a bank transfer.

banking phishing scam targeted banks
Targeted banks on fake FPX page. [Image: welivesecurity]

Users are then presented with a fake FPX payment page and given an option between eight banks: Maybank, Affin Bank, Public Bank Berhad, CIMB, BSN, RHB, Bank Islam Malaysia, and Hong Leong. Once they submit their banking details, they’ll receive an error message regarding their transaction. However, at this point, the bad actors have already received the credentials.

To finish the scam, the fake app also forwards all SMS to the operators in case they contain Two-Factor Authentication (2FA) codes sent by the bank. ESET notes that the phishing campaign is only operating in Malaysia for now, but doesn’t disqualify the possibility of it expanding to other countries later on.

(Source: ESET [1][2])

Tags: Bankingcyber securityESETPhishingScam
Back to top
Share88Tweet55SendShare

ADVERTISEMENT

RELATED ARTICLES

mrt putrajaya line phase 1
Transportation

MRT Putrajaya Line Phase 1 To Launch On 16 June

by Ikmal Rozlan
May 23, 2022

The MRT Corporation has revealed that Phase 1 of the long-awaited Putrajaya line will finally begin operating next month, after...

Read more
fuel station petrol pump
News

Government To Implement Targeted Fuel Subsidy

by Ikmal Rozlan
May 22, 2022

The government is planning to implement a targeted fuel subsidy mechanism instead of the current blanket subsidy currently enjoyed by...

Read more
airasia plane
Travel

Thai AirAsia X Files For Bankruptcy Protection

by John Law
May 22, 2022

Thai AirAsia X, the long-haul budget airline carrier that is under the AirAsia group, recently put it an application for...

Read more
Qualcomm Officially Announces Snapdragon 8 Plus Gen1 And 7 Gen1 Chipsets
Hardware

Qualcomm Officially Announces Snapdragon 8 Plus Gen1 And 7 Gen1 Chipsets

by John Law
May 21, 2022

Qualcomm officially launched the follow-up to its current Snapdragon 8 Gen1 flagship: the Snapdragon 8+ Gen1 SoC. In addition to...

Read more
Load More
No Result
View All Result

TRENDING TODAY

  1. 1
    Travel

    Thai AirAsia X Files For Bankruptcy Protection

  2. 2
    Hardware

    Illegear Unveils Flow External Liquid Cooling System For Laptops: Available For RM599

  3. 3
    News

    Government To Implement Targeted Fuel Subsidy

  4. 4
    Events

    Anyone Can Be A Filmmaker By Joining Samsung’s Short Film Competition!

  5. 5
    Security

    Banking Phishing Scam Found Impersonating Several Malaysian Apps

Lowyat.NET

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
    • Notebooks
      • Compu-zone
    • Smartphones
      • Thundermatch
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2022 LOWYAT MEDIA, LLC. ALL RIGHTS RESERVED.

We use cookies to improve your experience. Learn More.