When it comes to cybercrime, hackers always face the same challenge – to fool their victims into making a mistake. And as people and security defences get smarter, hackers are having to be more creative in terms of phishing. Sometimes that means going old school.

Has the postman been delivering malware?

Phishing emails serve one purpose – to trick victims into compromising their own security. In fact, these scam messages are now so common, most people can identify them quite easily. Which is why some Swiss hackers have been using an alternative technique.

In this case, recipients received a letter by physical mail supposedly from the Federal Office of Meteorology and Climatology in Switzerland. Like a phishing email, the letter claims to have been sent by a legitimate government agency and includes a convincing “Federal Office for Metrology” logo.

The letter also includes a QR code, suggesting that recipients download a new Android smartphone app called “Severe Weather Warning App”. When the code is scanned, the user is sent to a download page for the app.

What the unsuspecting victim doesn’t realize is that the link does not go to the Google Play Store. Instead, they are sent to a fake website that looks like the real thing. Worse still, the Swiss government really does offer a “Severe Weather Warning App”, making the letter even more convincing.

Tricked into downloading malware

Worse still, the “Severe Weather Warning App” contains malware called Coper (also known as Octo2). This particular malware can be used to intercept two-factor authentication texts and push notifications – the sort required to log into a secure bank account. Coper also targets banking apps on Android devices, stealing sensitive information like credentials and other details needed to log into online accounts.

This means that anyone unlucky enough to install the fake app is at risk of theft and extortion.

How can Swiss residents protect themselves?

So how can users spot the difference between a legitimate app and a fake one? The Swiss government is urging citizens to pay close attention to both the letter and the download. 

They highlight subtle differences in the logo or spelling that indicate something is wrong. The official app is called “Alertswiss” for instance (the fake app is slightly different – “AlertSwiss”).

It’s also worth remembering that the Federal Office for Metrology does not write personal letters to Swiss citizens.

Basic tips for protecting yourself

Sending physical mail is much more expensive than sending thousands of phishing emails, so it is clear that this technique works. And if it works in Switzerland, we can expect to see the method exploited elsewhere too.

To avoid becoming a victim in future:

  • Be cautious when receiving physical mail with suspicious links or attachments.
  • Verify the authenticity of any organization or app before downloading it. Check you have not been redirected to a fake app store.
  • Use strong two-factor authentication and keep your devices up-to-date with the latest security patches.
  • Always use reputable sources for apps, such as the official Google Play Store.
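
The "check you have not been redirected to a fake app store" tip can be applied mechanically to the URL a QR code decodes to. The following Python check is an added example, not part of the original article; the allow-list containing only `play.google.com`, the reason codes and the sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only host accepted as the official Android app store.
OFFICIAL_STORE_HOSTS = {"play.google.com"}


def check_store_link(url):
    """Classify a URL decoded from a QR code. Returns (is_official, reason_code)."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lower-cased
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return False, "malformed"
    if parts.scheme != "https":
        return False, "not-https"
    # Text before "@" is login data, not the site: the real host comes after it.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo"
    if host not in OFFICIAL_STORE_HOSTS:
        # The official name placed in front of a different registered domain.
        if any(host.startswith(h + ".") for h in OFFICIAL_STORE_HOSTS):
            return False, "official-name-as-subdomain"
        # Non-ASCII or punycode labels can render like the official name.
        if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
            return False, "idn-lookalike"
        return False, "other-host"
    if port not in (None, 443):
        return False, "non-default-port"
    return True, "ok"


# Constructed sample URLs (not taken from the campaign described above).
SAMPLES = [
    "https://play.google.com/store/apps/details?id=com.example.app",
    "http://play.google.com/store/apps/details?id=com.example.app",
    "https://play.google.com.store-download.example/app",
    "https://play.google.com@downloads.example/app.apk",
    "https://pl\u0430y.google.com/store/apps",  # Cyrillic "a" in the host
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_store_link(sample), sample)
```

A link that passes only shows the page is served by the official store host; the app name and publisher on that page still need to match the official ones.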

By staying informed and taking these precautions, you can help protect yourself from this new phishing scam and keep your Android device safe.