Malware by the name of FakeCall is currently wreaking havoc by manipulating incoming calls on smartphones, facilitating so-called ‘vishing’ phone scams that seek to trick people into divulging personal information.

‘Vishing’, or voice phishing, is a fraudulent technique for obtaining personal information using phone calls. Here, scammers pose as trusted organisations (banks, utilities companies, ISPs, delivery companies, etc) to trick people into divulging highly sensitive data such as credit card numbers, access codes or identification details.

This phenomenon is currently on the rise due to malware called FakeCall, which is capable of capturing all incoming and outgoing calls, contacts and SMS messages stored on the smartphone. Hackers can then identify certain numbers and use them to call back would-be victims, while pretending to be a bank advisor, tax officer or delivery driver to persuade the victim to share confidential information. The aim of vishing is exactly the same as that of traditional phishing campaigns: to obtain personal data and use it for fraudulent purposes, from identity theft to online shopping.

To protect yourself against vishing, you need to be vigilant and adopt the same basic principles as for phishing. The golden rule, of course, is never to give out personal information over the phone if you're not the one making the call. When in doubt, hang up and call back the official number of the organisation or company in question to check that it wasn't a malicious call. You can also block all calls from unknown numbers in your smartphone settings, in the hope that malware doesn't compromise your device or its settings. – AFP Relaxnews