Mobile phone malware alert

June 12, 2013

RSA is reporting new malware that begins by infecting your PC and then tricks you into downloading malware to your smartphone. The malware is designed to intercept text messages that pertain to bank accounts. Here is what to watch for:

  • If you are on a banking site from your computer and a message comes up telling you to download an app or an update to your smartphone, this is a good clue that your computer is infected and needs attention. It may be presented as a needed security update or app to protect you when banking on your phone. 
  • The message will ask for your mobile phone number and what type of phone you have (Apple, Android, Blackberry, etc.).
  • It will then send a text to the phone with a download link.
  • The download is to a non-iTunes, non-Google Play Store. 
  • Once installed, it asks permission to use text messaging and then begins to run in the background and steal the texts it needs.

What should you do?

  1. Never  click on unexpected emails with links or attachments, no matter the sender. Visit established, well known websites. 
  2. Do not give your mobile number, phone information or even personal information out in response to unexpected requests. Call your bank's Customer Service to verify any requests for information.
  3. First Merchants will never have an app or update to download from a non-iTunes or non-Google Play Store site.  Never trust an unexpected text or email.  Again, call your bank to verify any update requests.
  4. Be careful of apps that ask for permission to use different services on your phone.