[ad_1]
Theft of personal data from credit cards is the order of the day. However, with the explosion of banking applications on smartphones, the problem is growing exponentially.
Eset IT security firm revealed that its experts have identified three banking applications that were misleading users by promising to increase the credit limit, but in fact stole credit card data and identifiers from 39; online access using fake
These malicious apps were detected on the official Google Play Store between June and July 2018 and were installed by hundreds of users before being unregistered once ESET informed Google. The applications were downloaded under the name of three different developers, each posing as a different Indian bank. However, all three apps were linked to an attacker.
The three applications follow the same procedure, once they are executed, a form is displayed in which the details of the credit card are requested. . If users fill out the form and select "send", they are directed to a form that requests identification information from the online banking service. Although all fields in the form are marked as mandatory, both forms can be sent blank, indicating that you are facing something suspicious.
Meanwhile, data entered via fake forms is sent to the attacker's server in plain text. The server that stores the data is accessible to anyone with the link and without the need to authenticate. For the victim, this greatly increases the potential for damage because the stolen data is not only available to the attacker, but potentially in the hands of anyone with access to the link.
If a user has already installed one of these three applications the company specializes in computer security recommended to uninstall them immediately. For now, specialists advised to check the bank account for any suspicious activity and change the pin of the card as well as the direct debit access code.
Source link