I stupidly clicked on a link in a phishing email last week which I thought was from my bank and entered my mobile number and debit card number. I was very tired and stressed from work and just let down my guard… Fortunately, my bank told me it detected a virus on my mobile and blocked online access and my debit card.
I didn’t have a Mobile Security app on my mobile at the time (I do now, and it hasn’t found anything untoward) but I had recently downloaded the GlassWire for Android app. I can’t remember exactly what time I clicked on the phishing link but having checked my Glasswire Alerts, I think there was a sequence of eight “First Network Activity” events over 3 minutes linked to my clicking on the phishing email. I assume the blue icon with horns and eyes indicates malware.
I can only upload one screenshot, so the events are:
Can anyone please interpret these events for me and tell me what they think has happened, as I’m no android expert and googling hasn’t helped me much? What did “com.qualcomm.qti.remoteSimlockAuth” do? I gave the phishers my mobile number, so can they clone my phone or something?
Did “Quickstep” copy all my photos in my Gallery app and send them to the phishers? I have some photos of documents showing sensitive financial and personal details, so I am very worried
Am I right to tell GlassWire to deny network access to everything that has the horned blue icon next to it? Shutting stable door after the horse has bolted, I guess…
Thanks for reading.