According to a recent eScan research, German Android users are tricked by a well -drafted and convincing email which pretends to be an official email from PayPal app. The email requests the recipient to download a fake PayPal app update. The email, coming from Vietnam, Ukraine, Russia and India, was traced by our researchers. The downloading of the update leads to a Malware which requires Device Administrator privileges and some permissions like Change screen-lock password, lock the screen etc. The most surprising fact here is despite not granting Administrator privilege, the Malware was found to be running in the background, which makes it easy to track phone activity, i.e. track which app is running. The unique feature of this Banking Trojan is that it detects the legitimate PayPal app and puts up a fake UI on top of the real one once the app starts running. It effectively hijacks the PayPal session of the victim and steals his/her credentials.
Tips to safeguard yourself from Malware on Google Play:
- Use a trustworthy antivirus (eScan) on your Android phone and update it regularly.
- Always download apps only from their official website or Google Play Store, after checking or verifying.
- Download applications of a reliable app developer. In addition to it, check the user ratings, reviews of the app.
- It is always a good practice to read the permissions of the app, which is going to be installed for security.
- Open emails only if you are positive about the source.