Meet CallerSpy malware, a new form of mobile malware designed to snoop on calls, texts, and other smartphone communications. This trojan malware is targeting Android users by tricking them into downloading a fake chat app called Apex App. However, despite being advertised as a chat application, CallerSpy doesn’t really contain any chat capabilities. In fact, researchers describe the app as “riddled with espionage features.”
How exactly does this spy begin its reconnaissance mission? According to ZDNet, once the fake app is downloaded and launched, it connects to a server that directs the malware to start snooping on the device. From collecting call logs, text messages, contacts, and device files to being able to activate the phone’s microphone and taking screenshots, CallerSpy does it all. Once this data has been stolen, it’s then periodically uploaded to the cybercrook. And since cybersecurity researchers have only recently uncovered this malware, it is still unknown what this stolen data is being used for. What’s clear is that CallerSpy is no misnomer and users need to be prepared.
So, what are some proactive steps users can take to avoid being spied on by CallerSpy? Follow these tips to avoid this malware’s prying eye:
- Watch what you download. The best way to know if an app is malicious or not is to check for typos and grammatical errors in the description, look at the download statistics, and read what other users are saying.
- Be selective about which sites you visit. Only use reputable, well-known, and trusted sites. One way to determine if a site is potentially malicious is by checking its URL. If the URL address contains multiple grammar or spelling errors and suspicious characters, avoid interacting with the site altogether.
- Surf the web securely. You can use a tool like McAfee WebAdvisor, which will flag any sites that may be malicious without your knowing. The best part – it’s free!