#Digital World-How to identify fake Banking Apps & Useful guide.
Article by :Ravi Gupta (Digital Transformation Enthusiast)
The world is moving towards the digital economy and mobility platforms being the bedrock for financial services, it is important to be aware of applications (apps) being installed by the end user. There are hackers across the world who counter the security framework and designs of apps. These hackers constantly watch the financial services space and keep coming up with their own version of fake financial apps to target users. This has become a trend in the cyber attacks and financial frauds segment. Hence, it is important to be vigilant while executing financial transactions through digital platforms and applications.
How the Malware Works
Cyber criminals trick consumers into using their fake mobile apps by installing malware on smartphones.
For example, in November 2017, Avast discovered a new strain of the Bank-bot Trojan virus lurking in the Google Play app store. The malware was hidden in flashlight and solitaire apps. Once a consumer downloaded one of the apps, the Trojan would target any banking apps currently on the consumer’s device.
When the consumer tried to use a legitimate banking app, the malware would fool the user by creating a fake app that was overlaid on the real thing. Cyber-criminals were then able to collect username and password information that consumers entered.
How to stay safe
If you suspect that you have installed and used one of these malicious apps, we advise you to uninstall it immediately.
Also, change your credit card PIN codes as well as internet banking passwords and check your bank accounts for suspicious activity. If there have been unusual transactions, contact your bank. Users of the Bit panda cryptocurrency exchange who think they have installed the fake mobile app are advised to check their accounts for suspicious activity and change their passwords.
To avoid falling victim to phishing and other fake financial apps, we recommend that you:
- Only trust mobile banking and other finance apps if they are linked from the official website of your bank or the financial service.
- Only download apps from Google Play; this does not ensure the app is not malicious, but apps like these are much more common on third-party app stores and are rarely removed once uncovered, unlike on Google Play.
- Pay attention to the number of downloads, app ratings and reviews when downloading apps from Google Play.
- Only enter your sensitive information into online forms if you are sure of their security and legitimacy.
- Keep your Android device updated and use a reliable mobile security solution.
- Don’t Click Links in Texts and Emails Unless You Verify the Sender.
- Avoid downloading apps from distrusted websites. Users can disable installation of apps from unknown sources in the phone settings.
- Go through app permissions carefully. Ideally, the permissions asked by any app must comply with its functionalities.
What institutions should do
It is important for financial institutions to take care of their apps by ensuring the basic security features and the proactive alert mechanisms are in place while implementing any financial application. Moreover, monitoring is an inevitable part of any application and this will help understand basics, such as, how many users are accessing the app, what kind of activities are being carried out, etc.
Besides application monitoring, security monitoring will help organizations to have the visibility to identify vulnerabilities and attacks.
