From Samsung to Google, Android smartphones are some of the most popular handheld devices around the world.
But if you use an Android smartphone, make sure you’re on the lookout for a new ‘missed delivery’ message.
Researchers from Cybereason have warned about a new type of malware called FakeSpy that can steal your personal details.
Ofir Almkias, a researcher at Cybereason, explained: “FakeSpy is an information stealer used to steal SMS messages, send SMS messages, steal financial data, read account information and contact lists, steal application data, and do much more.”
The malware first targeted Android users in South Korea and Japan, but is now being used against people around the world, including in the UK, US, China, Taiwan, France, Switzerland and Germany.
In the UK, the malware has been used to target Royal Mail app users.
Mr Almkias explained: “FakeSpy masquerades as legitimate postal service apps and transportation services in order to gain the users' trust.
“Once installed, the application requests permissions so that it may control SMS messages and steal sensitive data on the device, as well as proliferate to other devices in the target device’s contact list.”
Based on the findings, researchers are urging Brits to log on to the genuine delivery website and look up any expected deliveries from there.
Jake Moore, Cybersecurity Specialist at ESET, said: “Most scam artists won’t know details such as your name and address, but this doesn’t mean it is not a scam if those details are embedded in the message.
"If the message is genuine, there will usually be a physical note left behind for missed deliveries.
“Better still, individuals should log on to the genuine delivery website without clicking on any given link in a text, and look up the expected deliveries from there. If they don’t exist on the site, then you can block the scam text number.
“If users feel they have been conned into giving away details, they should think about upping their security and changing any passwords if they were divulged.”
