Quotes from the article:
Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating MeteoSwiss (i.e., Switzerland’s Federal Office of Meteorology and Climatology).
“The letter asks the recipients to install a new severe weather app. However, there is no such federal app with the name mentioned. Rather, the QR code shown in the letter leads to the download of malware called ‘Coper’ (also known as ‘Octo2’),” the Swiss National Cyber Security Centre has warned on Friday.
“As soon as the malware has been downloaded, it is displayed as the ‘AlertSwiss’ app on phones with the Android operating system,” the NCSC explains.
“The spelling (‘AlertSwiss’ instead of ‘Alertswiss’) and, depending on the Android version, the app icon also differ significantly from the genuine app (rectangular logo in a white circle for the fake app, round logo for the genuine app).”
Users who have scanned the QR code in the letter and downloaded and installed the fake app have been advised to reset their smartphone to factory settings to remove it.