top of page
Admin

Growing Attacks On Mobile Banking Apps--The Surge In Trojan Malware Hits Home

Published: August 13, 2022 on our newsletter Security Fraud News & Alerts Newsletter.



It’s easy to think of our mobile banking apps as another gift from technology, helping make our lives more convenient. Banking apps provide customer-convenient access to our funds, 24/7/365. But, if we knew just how vulnerable these apps are to trojan malware attacks, would we abandon them? After all, traveling to stand in line at your financial institutions versus a few clicks on the app on our mobile device while sitting in your easy chair... Along with growing demands for more banking apps, research finds a surge in mobile banking trojans is ready and waiting to pounce.


And now, there’s a gang of new Trojan Horses in town looking to infect our mobile banking apps, steal our critical data, and wreak havoc with our finances. These trojan malware types don’t just target banking customers, but also attack investment firms, cryptocurrency wallets, gold, and much more.


With the demand for more banking apps increasing, the financial sector has little choice but to give their customers what they want…access to mobile financial transactions.



A new study by mobile security experts at Zimperium, “Mobile Banking Heists: The Global Economic Threat,” Zimperium ZLabs does an in-depth study into the explosion of mobile banking malware. They also note the malicious abilities of this mobile malware never really stopped improving. While the findings won’t likely, or perhaps shouldn’t convince us to rethink our own mobile banking habits, we should at least know there are some risks behind using this beloved convenience.


A Contest No One Wants to Win


The researchers looked closely at over 600 of the most targeted mobile banking apps. Each with over one billion downloads globally, the study found the top three countries at greatest risk of targeted mobile malware are the U.S. at #1, with 121 different apps targeted; #2 is the UK with 55; and #3 is Italy with 43.


Although most of the mobile banking trojans studied date back to 2020, the threats of two discovered in 2017, Octo and ExobotCombatD, are responsible for some of the most destructive results we see today. This finding reinforces the increasing levels of damage and sophistication that trojan malware continues to make over time.



This does not mean you shouldn’t trust or use mobile banking apps. In fact, many security experts believe the banking apps on mobile devices are more secure than using your browser on your computer. One reason for this is because malware is still designed to attack browsers. In addition, malware that is designed to attack mobile devices requires the attacker to focus on more specific things; not only the browser.


No one knows for sure what the future of mobile banking looks like, but educated guesses include the continued growth in the number of mobile financial apps, and that trojan malware will continue to evolve and improve right along with it. There are ways to lower your risk and still enjoy the benefits of mobile banking.


  • Only download the financial apps from the official app store for your device. Make sure it’s truly the official one for your institution. Read reviews and make sure the developer is legitimate.

  • Set up a strong password for the account. Make sure it’s at least eight characters and includes digits, upper- and lower-case letters, as well as special characters.

  • Enable two-factor authentication for the account. This will prevent access to your account even if someone gets your password.

  • Don’t make financial transactions using public Wi-Fi. Keep in mind that just because it requires a password, doesn’t mean it’s private. If you cannot wait to use trusted Wi-Fi, such as at home or the office, use your cellular network service.

  • Use a VPN for added safety and don’t use the browser on your mobile device. Stick to the app.


And finally, keep tabs of your device. Make sure it is locked when you aren’t using it and enable the auto lock feature for the shortest amount of time possible.


Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com

Comments


bottom of page