Calling Your FI? You Could Be Calling a Hacker Instead
By: Jim Stickley and Tina Davis
February 18, 2025
When did calling your financial institution (FI) turn into calling a hacker instead? Well, there’s now an improved Android banking trojan named FakeCall that’s intercepting calls to FIs. It sounds hard to believe, but victims of FakeCall malware along with their financial accounts tell the story—and there’s more to know.
FakeCall Tricks
FakeCall reportedly has 13 new variations, with all making detection more difficult. One thing they all have in common is having you believe you’re speaking with your FI representative—after all, you’re the one who called them. Sharing login credentials, credit card numbers or banking details with your FI is part of proving you’re the real account holder. With FakeCall, you’re sharing that PII with an attacker.
What victims learn too late is the call to their FI using the legitimate phone number, was intercepted by an attacker using FakeCall. The malware knows when calls are made to FI’s, and that’s when attackers start stealing your sensitive PII. FakeCall also bypasses your device consent and gives itself other permissions without your knowledge, and that gives attackers total control over your device.
Hang Up on FakeCall
Like a lot of malware, FakeCall hides in bogus apps from third-party app stores. Getting apps from these unofficial stores is called sideloading and it’s very risky because they don’t check apps for malware to the degree that the official stores do. Stick with the legitimate Google Play Store, Apple Store, or whatever is official for your device. They scan for malware before making apps available.
Originally, the only language FakeCall used was Korean, but now it’s supporting English, Chinese, and Japanese. As with many cybercrimes, starting in a limited area before spreading out is common. So, for those of us in the U.S., keep your apps legitimate, because FakeCall could be just around the corner.
SUBSCRIBE TO WEEKLY NEWSLETTER
Online Banking Smishing Scam
