marry 20.11.2024, 12:30 PM
Cybercriminals have a new trick for infecting devices with malware: sending letters, real letters with a postage stamp, that contain malicious QR codes.
This is what happened in Switzerland where the National Cyber Security Center (NCSC) issued a public warning about letters sent by post purportedly from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss) inviting recipients to scan a QR code from the letter to install a new app for weather conditions on your Android smartphones.
However, according to the NCSC, the QR code link actually takes Android phone users to an app called Coper (also known as Octo2) that attempts to steal login information from more than 380 apps, including bank apps.
In addition, Coper allows hackers to gain remote access to infected devices and steal data from the devices, as well as spy on affected users.
The app promoted in the letters imitates the real weather app “Alertswiss” used in Switzerland, with the fake version’s name spelled slightly differently – “AlertSwiss”. The Coper malware can easily be customized to use different names, so it’s entirely possible that the app could use other names and not pretend to be a weather app at all.
What is unusual in this case is that cybercriminals distribute malware and links in large quantities via mail because the costs are far higher in this case compared to spreading malware digitally.
However, this tactic also has advantages for criminals. Many people will not be as suspicious of instructions that arrive in a physical letter compared to, for example, an email or text message. Moreover, many users have become accustomed to scanning QR codes in restaurants or in parking lots, and not checking to see if they have been taken to the right website.
NCSC asks recipients of the letters to report them and not follow the instructions in the letter.
Users who have already been scammed and have downloaded and installed the app are advised to factory reset their smartphone and change any login information that may have been compromised. Users are also advised to be vigilant, keep their devices updated with security patches, have antivirus protection and install apps only from official app stores.
Photo: Noelle Otto | Pexels
Source: www.informacija.rs
