Your credentials could be in danger- Banks warn customers of a new mobile malware

TomorrowMakers ™

Your credentials could be in danger- Banks warn customers of a new mobile malware

12 January 2018
A new phone malware is making the rounds, and it could steal your bank details. Here's what you should know about it.

Banks across the country have issued official warnings to their customers stating that their mobile bank credentials could be at risk of being stolen. A malware disguised as a Flash Player can attack mobile devices through unauthorised messages or pop-ups on websites.

An advisory by Quick Heal Security Labs follows the warning and states that they have detected an Android Banking Trojan that targets over 232 banking apps, including those offered by Indian lenders.

Related: Know your cheque [Infographic]

 

What is this malware?

Declared as Android.banker.A2f8a, the malware was detected previously as Android.banker.A9480. Nitin Bhatnagar from SISA information security fears that this operation is similar to that of a phishing website. The malware is known to work in the background of a computer system and send fake notifications resembling the ones you receive from banks. These are linked to counterfeit login screens transport users once they click on the application. Users are then tricked into filling confidential data which is stolen or could be used maliciously. The malware also blocks SMSs sent by banks and accesses one-time passwords.

Related: Identity checks to be mandatory for cash dealings of above Rs. 50,000

What can you do to secure your information?

IDBI bank has issued some guidelines for people to protect their confidential details from this fraudulent misuse.

  • Everyone is advised to adopt the best practices of using mobile banking in a more digitally secure manner. Download apps only from credible sources, and be cautious while visiting unfamiliar websites or clicking on links or pop-ups.
  • You are also advised against using 'jailbroken' or 'rooted' mobiles for banking or online transactions. Jailbroken iPhones are quite vulnerable to malware and hacking. They allow you to install apps on your phone that are not a part of the official app store.
  • Rooting an Android phone allows the user to make minute changes to the operating system, which could lead to the installation of malicious apps if you are careless.

Related Loan interest will soon be synced with external benchmarks

Karur Vysya Bank has pointed out to users that Adobe Flash player is an inbuilt feature in Android mobile browsers since version 4.1, and official versions are not offered for download on Google Play Store. So, consumers need to be careful and not fall prey to any download options that they come across.  

Nitin Bhatnagar adds that while there are no standards for mobile applications, there are essential practices for secure coding. He urges banks that procure apps from third-party vendors to ensure that these vendors provide every test report, indicating that they have followed the necessary payment application data security standards (PA-DSS).

Indian Banking Apps that have been impacted 

A total of 232 banking apps have been targeted due to this. 

Major banking apps that have been affected due to the Android Banking Trojan include Axis Mobile, HDFC Bank Mobile Banking, SBI Anywhere Personal, HDFC Bank Mobile Banking LITE, iMobile (ICICI Bank), IDBI Bank GO Mobile+, Abhay (IDBI Bank Ltd), IDBI Bank GO Mobile, IDBI Bank mPassbook, Baroda mPassbook, Union Bank Mobile Banking, Union Bank Commercial Clients and many more. The malware can also target cryptocurrency apps like Bitfinex, Bitcoinium, Bitcoin Ticker Widget, Bitcoin Price, BitCoin Wallet, Blockchain Merchant, Bitcoin and Ether Wallet, CoinMarketCapp among others.

 

 
 

MOST VIEWED CONTENT

Simple ways in which you can diversify your financial portfolio

Simple ways in which you can diversify your financial portfolio

As an investor, diversification, when done sensibly, helps you balance out risk and optimize returns. Here are some useful tips on diversifying your financial portfolio across assets.

7 Must-have things for a frequent traveller

7 Must-have things for a frequent traveller

All smart travellers know that there are certain things they must take with them to ensure their journeys are enjoyable, safe and stress-free.

5 things you need to know about the NITI Aayog lottery

5 things you need to know about the NITI Aayog lottery

Still wondering if you should #GoCashless? This lottery scheme will help you decide.

What does it cost to educate your child in India [Infographic]

What does it cost to educate your child in India [Infographic]

Education is a gift we all want to give our children, but as it gets costlier every year, it becomes more and more essential to plan our financial from the start to ensure that we can afford to send them to quality institutions.

Locking your Aadhaar card biometrics can prevent misuse

Locking your Aadhaar card biometrics can prevent misuse

Your Aadhaar card contain sensitive data that only you should be able to use. So how do you keep this information safe.

Investing in Money markets vs capital markets

Investing in Money markets vs capital markets

Are money markets and capital markets the same thing? How do they work? Here are some things you must know about the two.

What is ASBA? All you need to know

What is ASBA? All you need to know

Everything you need to know about ASBA (Application Supported by Blocked Account) and how it helps investors.

boy

We would love to hear from you!

Question, comment or concern? Our contact form is the best way to get in touch. We will respond to you within 5 working days.

NEWSLETTER