• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » FBI Warns of Increased Mobile Banking App Cyber Attacks

FBI Warns of Increased Mobile Banking App Cyber Attacks

2020-06-11 by Michelle Dvorak

mobile banking app

Mobile Banking App Users Are at in Increased Chance for Cyber Attacks from Trojans and Fake Apps

The United States Federal Bureau of Investigation (FBI) issued a public service announcement warning consumers to be vigilant with the use of mobile banking apps. Consumers are increasingly using mobile banking apps rather than going into brick-and-mortar locations for routine bank transactions. There has been a surge in mobile banking app use since the beginning of this year.

With increased use comes increased opportunities for hackers to steal login information and money.

The FBI says that financial technology providers report that over 75 percent of Americans use mobile banking apps. This number has jumped significantly in the first half of 2020. it will only increase as people avoid going into retail locations and appreciate the convenience of baking from home. Banking apps offer the convenience of depositing checks and transferring money from home or work there convenient and easy to use.

According to the FBI report, studies of US financial data show that Americans have increased the use of mobile banking apps 50 percent since the beginning of this year. it’s logical to expect that hackers will attempt to attack these apps as the adoption rates increase mobile apps are exploited a variety of ways including malware attacks, phishing emails, and by tricking users with fake banking apps.

“Americans are increasingly using their mobile devices to conduct banking activities such as cashing checks and transferring funds,” states the FBI on their Internet Crime Complaint Center (IC3) site.

What are Banking Trojans?

Hackers use malicious computer code, called a Trojan, disguised another app. The Trojan can be dormant on your phone until it is activated by some other action. Games are used as an easy target for hackers as people are too willing to download a new game from within a game they’re currently playing. If you already have the malicious computer code or Trojan on your phone when you download the legitimate banking app the Trojan can take over.

Trojan banking apps work as an overlay. They are banded to look just like legitimate banking app, but in reality, are stealing all of your bank account information. The Trojan can steal your username and password by impersonating your legitimate banking app. The information is collected by the hackers who use it to steal your money.

EventBot Banking Trojan

In April of this year, hackers circulated a new baking trojan called EventBot. This Android malware stole banking login credentials on infected Android devices. It is especially dangerous because it can bypass two-factor authentication (2FA) by stealing authentication codes. EventBot infected devices as users downloaded games. It is capable of stealing credentials from over 200 banking and cryptocurrency apps.

Hackers Use Fake Banking Apps to Trick You

Hackers also create fake banking apps that scam users out of there bank account usernames and passwords. In 2018 almost 65,000 fake apps were detected on official app stores like Google Play and the Apple App Store. The apps have an error message informing the user they need to respond to a verification request. The fake apps exploit your smartphone to bypass an SMS text security codes.

“Actors also create fraudulent apps designed to impersonate the real apps of major financial institutions, with the intent of tricking users into entering their login credentials,” says the FBI.

READ: EventBot Android Malware Steals Banking App Credentials

Even if a hacker only steals your email address, they can use it to send a phishing email to you. If you are tricked by a phishing email and follow the instructions or click on a link, the hacker can steal your password or other sensitive information like Social Security number or birthdate. They can then use the stolen credentials to gain access to your bank account.

In February 2020a Coronavirus email phishing scam was used to launch a malware campaign to infect users’ devices with Emotet malware. Emotet is another baking trojan that downloads more malware to steal banking credentials and money.

How to Protect Your Money from Fake Apps

  • Enable two-factor or multi-factor authentication (2FA) on your bank account
  • If your device has it, use biometric login features such as fingerprint scans or facial recognition. If your phone is too old and does not have these features, consider upgrading to a newer model to protect your money.
  • Use multi-factor authentication where possible. This is dependent upon your banking provider to allow this level of protection. Multi-factor authentication means users must complete more than two steps (like respond to an SMS text, email, or biometrics) to gain access to your bank account.
  • Never click on links sent in emails to verify account ownership, reset passwords, or otherwise check on your financial information. Hackers will send phishing emails to you to try and fool you into giving them your passwords or other information they can use to take over your bank account. Go to your bank account in a web browser to check.
  • Use a password manager to create strong passwords and store them securely. A password manager can be used to sync passwords across all of your devices.
  • When in doubt CALL your bank with questions.
  • Never download an app from outside an official app store. Most banks have a link on their website to their official apps.

Filed Under: News Tagged With: Trojan

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version