Android Malware Scammers Will Now Do a Factory Reset of Victims’ Phones After The Scam

Factory reset. A nifty option meant to salvage your phone in the worst-case scenario.


Or at least, that’s what it was supposed to do.


It appears that Android malware scammers have a new modus operandi, and it’s every bit as insidious as you could imagine.

In case you’re unaware, more than 750 scam victims have lost an accumulated total of over $10 million in the first half of 2023 alone, and it can be attributed to the presence of… malware.

Apart from carrying out unauthorised banking transactions, the malware also “resets” the phone in question, effectively “blinding” victims for a while.

The scammers first attract the attention of potential victims through postings on social media platforms, where they advertise services such as food purchases and home cleaning.

The victims would then make contact with the “sellers”.

Once common ground has been established, the victims will receive a web link over the relevant messaging platform. This link prompts them to install a certain Android application that, as you may’ve guessed, is something you really don’t want to have on your phone.

This step is also what the resident blue cat has termed “social engineering”, an act that manipulates people into performing acts that compromise security. But more on that later.

So, under the premise of making a deposit, victims would then be instructed to PayNow $5 for their desired “service”.

It’s during this particular payment process that the victim’s Internet banking details are retrieved. And this is all thanks to the malware’s key-logging function.

The scammers would then siphon off the bank accounts before performing a factory reset on the device.

All user data and settings are subsequently erased, and victims can only realise the cold truth by calling their respective banks or reinstalling the relevant bank app.

In essence, the move buys the scammers more time for their “getaway”.

How to Prevent It?

The first rational decision would be to stay away from questionable advertisements online, but that’s easier said than done. With scam techniques getting increasingly advanced, it’s getting harder to differentiate between real and fake.

For instance, scammers are now using bots to leave positive reviews, deluding victims into thinking that the advertisement in question is legitimate and trustworthy.

Plus, deceptive tactics such as issuing “professional-looking” invoices further deceive victims into falling for the scam.

The second way, as implied in the following video, is to get an iPhone, particularly for the less tech-savvy personnel out there.

After all, unlike Android phones, iPhones have a certain protocol that totally disallows the installation of untrustworthy apps. So, if you have folks who aren’t that proficient with technology, getting an iPhone might actually be better. For now, anyway.

The relevant authorities have also recommended certain precautionary measures, such as installing the ScamShield app (the legitimate one), turning on security features like two-factor authentication and setting transaction limits per day.

Meanwhile, the Singapore Police Force has advised the public to check for certain information when installing an app, such as the developer information, the number of app downloads and app user reviews.

Users should also only download from official app stores, avoid shady platforms, and avoid granting permission (for access to device data) for unknown apps.

In general, the public should be wary of suspicious advertisements, apps and payment requests. As the saying goes:

“If it sounds too good to be true, it probably is.”

What if Malware Enters My Phone?

If malware invades your phone, you can practice a few safety steps.

Firstly, make sure your phone is on flight mode and turn off the Wi-Fi.

Next, utilise antivirus software to run a scan before using another separate device to check for unauthorised transactions.

If there are any, report it to the bank and police.

Even after reasonable assurance that your phone has not been infected, you should still operate it in safe mode first. Suspicious apps should be deleted.

You can also factory reset your phone as an added measure. Passwords should be changed as well.

Scams

It should be noted that of the aforementioned S$10 million, at least S$218,000 was CPF savings.

Some of the CPF money has, however, since been recovered.

In June, nine suspects were arrested, with one of them being just 16 years old.

You may be reassured to know that the Monetary Authority of Singapore (MAS) is currently working closely with banks to “progressively introduce additional measures” to combat such malware scams.

Back in August, OCBC became the first bank in Singapore to block access to OCBC bank accounts if the mobile phone has other apps on it that either:

  • Were downloaded from websites and sources other than the official app stores
  • Have the ‘Accessibility’ permission turned on

This has prevented some users from losing money to scammers, but it has also drawn some negative feedback from others after apps like Alipay were among those flagged out by the new feature.

Some people even called out OCBC for using this feature to spy on them.

The police did say, however, that “while there may be some measure of added inconvenience for customers, these additional anti-malware measures are necessary to protect customers from malware-related scams.”
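The two signals named above (apps that did not come from an official store, and apps with Accessibility turned on) can also be checked by hand on a phone connected over USB debugging. The script below is an added example, not OCBC's implementation and not code from the article; the allow-list of store installers and the sample package names are assumptions made for illustration.

```python
import re

# Input text comes from two adb commands run against the phone:
#   adb shell pm list packages -i -3
#   adb shell settings get secure enabled_accessibility_services
# Assumption: which installers count as "official app stores".
OFFICIAL_INSTALLERS = {
    "com.android.vending",              # Google Play Store
    "com.sec.android.app.samsungapps",  # Samsung Galaxy Store
    "com.huawei.appmarket",             # Huawei AppGallery
}

def parse_installers(pm_output):
    """Map third-party package name -> installer (None if missing or null)."""
    result = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)(?:\s+installer=(\S+))?", line.strip())
        if m:
            inst = m.group(2)
            result[m.group(1)] = None if inst in (None, "null") else inst
    return result

def parse_accessibility(settings_output):
    """Return packages owning an enabled accessibility service."""
    value = settings_output.strip()
    if value in ("", "null"):
        return set()
    return {comp.split("/", 1)[0] for comp in value.split(":") if comp}

def audit(pm_output, settings_output):
    """Return {package: [reasons]} for third-party apps showing either signal."""
    a11y = parse_accessibility(settings_output)
    findings = {}
    for pkg, inst in sorted(parse_installers(pm_output).items()):
        reasons = []
        if inst not in OFFICIAL_INSTALLERS:
            reasons.append(f"installer is not an official store ({inst})")
        if pkg in a11y:
            reasons.append("accessibility service enabled")
        if reasons:
            findings[pkg] = reasons
    return findings

# Constructed sample output; package names are made up for illustration.
SAMPLE_PM = """package:com.example.bank  installer=com.android.vending
package:com.example.cleaning  installer=null
package:com.example.reader  installer=com.android.vending
package:com.example.grocer  installer=com.google.android.packageinstaller"""
SAMPLE_A11Y = "com.example.cleaning/.HelperService:com.example.reader/.TalkService"
```

Calling `audit(SAMPLE_PM, SAMPLE_A11Y)` flags `com.example.reader` purely for its accessibility service even though it came from the Play Store, which is the same kind of false positive that drew complaints when legitimate apps were caught by the bank's check.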

If you wish to know more about scams, you can go to www.scamalert.sg or dial the anti-scam hotline at 1800-722-6688.

You can also follow the Singapore Police Force Scam bulletin board here for more info on the latest scams.