[ad_1]
A set of fake banking apps has found its way onto the Google Play Store, according to a provider of Internet security products, and many people seem to have downloaded them before being dismantled.
Eset, based in Slovakia, with a malicious applications claim to increase the credit card limit for users of three Indian banks, and then phishing for credit card details and Internet banking using fake forms, said Eset.
The fake apps have been uploaded to Google Play in June and July this year. When Eset notified Google, they were removed, but by that time they had been installed by hundreds of people. The applications have been downloaded under three different developer names, each spoofing the identity of a different Indian bank: however, the three applications can be traced back to a single source.
All three applications follow the same procedure. At launch, a form asking for details of the credit card displayed. If users fill out the form and click "Submit", they are redirected to a form requesting their bank login credentials. Clicking on both forms – with or without completing them – brings users to the third and last screen, thanking users for their interest. The application does not offer any other functionality beyond this point.
Meanwhile, the data entered in the fake forms are sent in plain text to the phisher's server. The data is accessible to anyone with the link, without the need for authentication. "For the victims, this amplifies the potential damage, since their data is accessible to everyone who meets them," explains Eset.
Recently, Eset warned of a fake MyEtherWallet application, exposing private keys to victims' wallets. "These findings highlight the need for extreme caution when downloading finance and cryptocurrence applications," says Eset.
To avoid being a victim of phishing applications, Eset recommends:
- to trust only "mobile banking applications never enter". sensitive banking information in online forms if you're not sure about their legitimacy
- Pay attention to the number of downloads, ratings and reviews when downloading apps on Google Play; and
- Keep your Android device up-to-date and use a reliable mobile security solution.
[ad_2]
Source link
