MandM
Senior Member
I tried searching for an existing thread on this, but couldn't find anything.
My elderly dad is gullible and just tech-savvy enough to be a danger to himself. This morning he saw a Facebook ad showing that DSTV offers free decoder updates (see the attachment) . He clicked on the link which took him to what seemed like an automated WhatsApp message. This was followed by a WhatsApp phone call (I checked now, the number 0646266866 appears as South African Airways on TrueCaller) where he was instructed to open the DSTV app and look under "Rewards". The caller (a female with a South African accent) then told him that the app is outdated and he must check the Playstore to update the app. Of course there was no update... The scammer then sent a link so that my dad could install the so-called update, when the usual prompt by Android appeared that this is not safe, he continued (face-palm). This malware appeared just like the DSTV app. He was asked to enter numbers on the app, which I assume gave them access to his phone. After this they had access to his details and asked him to confirm his name, age and email address. So all sounded legitimate to him and they confirmed that delivery would take place.
Later this morning he went to the shop and his card was declined. He logged into his banking app and saw that his account was in the red. He thankfully had the presence of mind to phone the bank who confirmed suspicious activity and helped him to block his accounts. Interestingly, he received no notifications that any transactions had taken place.
He has opened a case with the police and we will try to figure out how much money is missing once we have access again.
This sounds to me like this Octo v2 app:
www.tomsguide.com
Thought I would just post this here as a warning to others.
My elderly dad is gullible and just tech-savvy enough to be a danger to himself. This morning he saw a Facebook ad showing that DSTV offers free decoder updates (see the attachment) . He clicked on the link which took him to what seemed like an automated WhatsApp message. This was followed by a WhatsApp phone call (I checked now, the number 0646266866 appears as South African Airways on TrueCaller) where he was instructed to open the DSTV app and look under "Rewards". The caller (a female with a South African accent) then told him that the app is outdated and he must check the Playstore to update the app. Of course there was no update... The scammer then sent a link so that my dad could install the so-called update, when the usual prompt by Android appeared that this is not safe, he continued (face-palm). This malware appeared just like the DSTV app. He was asked to enter numbers on the app, which I assume gave them access to his phone. After this they had access to his details and asked him to confirm his name, age and email address. So all sounded legitimate to him and they confirmed that delivery would take place.
Later this morning he went to the shop and his card was declined. He logged into his banking app and saw that his account was in the red. He thankfully had the presence of mind to phone the bank who confirmed suspicious activity and helped him to block his accounts. Interestingly, he received no notifications that any transactions had taken place.
He has opened a case with the police and we will try to figure out how much money is missing once we have access again.
This sounds to me like this Octo v2 app:
Octo2 banking trojan is taking over Android phones and stealing cash — how to stay safe
Plus it's hiding inside legit apps
Thought I would just post this here as a warning to others.
