I generally only write articles on physical and mental health, but the other day I had an experience that affected my mental health in a big way — at least for a few hours.
I’m talking about fraud.
I am a little embarrassed, as I should have recognized red flags earlier, but I hope those other trusting individuals who read this article will take some precautions to prevent fraud from happening to them.
The fraudster phoned my cell from the RBC phone number (which was obviously spoofed) to let me know that my credit card had been used in Toronto for a $2,000 purchase, and to verify if it was me. It wasn’t.
What followed then was a very legitimate conversation which led to him gaining access to my Royal Bank app. He showed me many international wire transfers being transferred out as we spoke. I panicked but soon realized that the ‘agent’ helping me was actually scamming me in an elaborate fraud.
I told him I would call the number on the back of my credit card and he told me that I would be on hold for too long and I wouldn’t be following RBC protocol for preventing fraudulent wire transfers. The information he had, which seemed to attest to the legitimacy of the call, was gained by accessing my phone with the malware embedded in the link he had sent me from 236-969-6488. The link was rbcsecureonline.com.
I hung up and he called me back several times, of which I didn’t answer. I called the number on the back of my credit card, talked to the actual Royal Bank anti-fraud department, who told me to turn off my phone, go immediately to my RB branch, cancel my credit cards, change my passwords and take my phone to be cleaned.
This was an incredibly distressing situation and I am surprised and embarrassed that I didn’t catch it earlier, but these scammers are good at using one’s fear to establish urgency (not to mention they call very early in the a.m. and wake up their victims). What I should have done differently: I should not have carried on with the call, but hung up immediately and called the number on the back of my credit card. I shouldn’t have reacted to the urgency of it. I should not have clicked on any links sent me (from the separate number).
Malware scams on Android devices are becoming increasingly sophisticated, often tricking users into downloading harmful apps or clicking deceptive links. These scams can lead to severe consequences, including data theft, unauthorized financial transactions, and complete loss of control over your device.
Here is some other information that I found online about phishing and scamming:
1. Fake ads and too-good-to-be-true offers
Scammers often create fake advertisements on social media platforms or send messages offering promotional or limited-time offers such as discounted groceries, free concert tickets or courses, vacation deals, or gift cards. These offers are created to grab our attention and create a sense of urgency. Urgency is one the main things scammers (or any television/internet marketing) use to get one to act quickly, as ‘fear of missing out’ is a common human trait.
2. Downloading malicious apps
To claim a fake offer, victims are often instructed to download a legitimate looking app that may be similar to a popular shopping or banking platform. However, these apps may be embedded with malicious coding that installs malware on phone or tablet, etc, giving the scammer remote access to your devices.
3. Unauthorized access and data theft
They can steal sensitive personal data, such as login credentials, banking information, contact lists, and even photos. In many cases, this leads to unauthorized purchases, bank transfers or even identity theft.
4. Phishing and OTP interception
Some malware also uses phishing tactics like fake login screens to trick us into entering confidential information. Advanced malware can even intercept SMS (text) messages, allowing scammers to bypass security features like one-time passwords (OTPs) used for verifying transactions.
5. Pre-installed malware on low-cost devices
Some inexpensive Android phones may come with malware already installed at the factory level, especially from unknown or unverified manufacturers. This type of malware is harder to detect and may not be removable by conventional antivirus tools.
Tips to protect ourselves from Android malware scams:
Keep your device updated
Regularly install updates for your phone system and apps. These updates often include important security patches that protect against newly discovered threats.
Install a reputable antivirus app
Use a trusted mobile security app that can scan for malware, block suspicious activity, and help remove threats before they cause harm.
Only download apps from trusted sources
Only download apps from trusted sources like the Google Play Store or other well-known app stores, and avoid downloading apps from unofficial websites or suspicious links. Before downloading or installing any app, make sure to check out other user reviews, verify the developer’s credentials, and search online for any red flags.
Use strong passwords and enable two-factor authentication (2FA)
Create complex, unique passwords for all accounts, and turn on 2FA to add an extra layer of protection — especially for banking and email apps.
Manage app permissions carefully
Avoid giving unnecessary access to apps on your device and be cautious with permissions related to SMS, contacts, camera, microphone, or location.
Monitor your device for unusual activity
Watch for signs your device may be infected, such as sudden battery drain, unexpected pop-ups, slow performance, data usage spikes or your phone doing things on its own.
Be aware of SIM swapping
In a SIM swapping scam, a criminal tricks your mobile carrier into transferring your number to a new SIM card. This can give them access to accounts that use your phone number for verification. Contact your carrier immediately if your phone suddenly loses service.
Report suspicious activity
If you believe your device has been compromised, contact your mobile service provider, change all important passwords, contact your bank (if banking info is on your phone) and report the incident to your local cybercrime unit or relevant authority.
Stay alert, and stay secure
The best defence against malware scams is awareness. By practicing safe browsing habits, being cautious with downloads, and protecting your personal data, you can dramatically reduce your risk of falling victim to these increasingly common attacks.
Claire Nielsen is a health coach, author, public speaker and founder of . The information provided in the above article is for educational purposes only and is not a substitute for professional health and medical advice. Please consult a doctor, health-care provider or mental health practitioner if you're seeking medical advice, diagnoses and/or treatment.