"Android Security Warning: Telephone-Oriented Attack Delivery (TOAD)"

People are being tricked by an Android banking malware attack into entering their phone number and other sensitive information into phishing websites, which cybercriminals then use to call victims and further deceive them into installing malware on their smartphones. Attackers are applying the Telephone-Oriented Attack Delivery (TOAD) technique to infect Android users with Copybara Android banking malware in order to steal usernames and passwords for online banking accounts as well as other information that could be used to bypass security questions. ThreatFabric cybersecurity researchers have detailed the campaign, warning that it is targeting multiple banks and their customers. The attacks start with SMS phishing messages containing a link that appears to be from an online bank. If the victim opens the link, they are directed to a different page depending on which bank is impersonated, but researchers say the attackers have impersonated several banking websites. Each fake banking website requires the user to enter similar information, such as an account number, PIN code, and phone number. However, the malware is not installed through these phishing links. Instead, anyone who fills out the forms is told that a "support operator" will contact them, and then they get a phone call. The call, which purports to offer assistance to the Android user, is actually from a scammer who drives the victim into installing what they believe is security software on their device. This is done under the guise of providing remote support to the victim, but what is actually happening is that the cybercriminal gains control of the device in order to commit further fraud. This article continues to discuss the TOAD campaign aimed at spreading the Copybara Android banking malware. 

ZDNet reports "Android Security Warning: Telephone-Oriented Attack Delivery (TOAD)"