Imagine this: you’re unlocking your phone as usual, but this time, you’re not just accessing your device—you’re giving hackers an open door. Trickmo, a crafty malware spread through phishing, disguises itself as your phone’s regular lock screen to steal your PIN or unlock pattern. Once hackers have this, they can access your phone remotely, even when it’s locked.
Trickmo is cunning—it looks exactly like your normal Android unlock screen. However, it’s a fake webpage, designed to secretly collect your PIN or unlock pattern and send it to attackers. With this data, hackers can access your phone remotely, targeting sensitive apps like banking, email, or work tools. Beyond passwords, Trickmo can also capture credentials for VPNs and internal systems, leading to significant financial or data breaches.
What-to-do’s
Make sure to check off all actions, this will have a positive effect on your Behavioural Risk Score.
Lessons learned
Trickmo spreads via phishing campaigns and has affected users globally. As mobile devices increasingly become prime targets for cyber-attacks, it’s vital to stay ahead of phishing tactics.
Note – this is part of our ongoing Cyber awareness and training from Phished Academy.