Launching Phishing and Spam attacks on Android with Customized Notifications
by Sencun Zhu and Zhi Xu
The existing notification service on Android lacks view authentication information. Any installed app can abuse the notification service to launch phishing and spam notification attacks. Further, by carefully customizing the displayed notifications, the sender app can avoid being tracked by victim smartphone users.
The notification service is a popular system service that the Android platform provides to third-party apps. To facilitate app development, Android allows installed third-party apps to send customized notifications while running in the background.
In this article, we show that it is feasible for an installed trojan app to launch both phishing and spam attacks using the notification service while keeping itself from being noticed by the phone user. For example, an installed trojan app may generate a fraudulent notification that mimics a Facebook notification and leads the user to a fraudulent login view that steals the Facebook account and password. It can also send annoying unsolicited ads anonymously, without exposing its identity.