A dangerous banking Trojan, named Acecard, asks android users to send a selfie holding their ID card.This threat tricks users into installing the malware by pretending to be an adult video app or a codec/plug-in necessary to see a specific video.The moment the app is executed by the user, it hides itself from the home launcher and then asks for device administrator privileges, in an attempt to make its removal, difficult and tedious.Once validated, the phishing tactic asks for super-personal information such as the cardholder’s name, date of birth, phone number, credit card expiration date and CCV as well.
http://www.dnaindia.com/scitech/report-android-hack-malware-acecard-selfie-id-card-2264336
Interesting article Vaibhav. Very scary, and hopefully people aren’t gullible enough to send a selfie of their ID card, especially if its related to an adult video app..I’m sorry, but if you get tricked into doing this, then its your fault.
Perfect example of social engineering at its best. Sit back and let the end users feed you all the information you need without a care in the world.
Wow. Thanks for sharing Vaibhav. This is a very low-tech scheme that could cause a lot of trouble for users that think this is just a new security feature. I can see a lot of folks falling for this type of scam and how it can create a lot of hassle for them. There is such a strong need for cyber awareness and education to the general public.