Consumers at risk as mobile banking Trojans threaten worldwide. Consumers around the world that use mobile banking apps are at a greater risk of being tricked by cybercriminals and falling victim to mobile banking Trojans. This is according to new global research from Avast, which asked almost 40,000 consumers in 12 countries around the world to compare the authenticity of official and counterfeit banking application interfaces.
The findings highlight the level of sophistication and accuracy applied by cybercriminals to create trusted copies designed to spy on users, collect their bank login details, and steal their money.Globally, 58% of respondents identified the official mobile banking app interface as fraudulent while 36% mistook the fake interface for the real one. In Spain, the results were similar at 67% and 27% respectively, compared to 40% and 42% in the US.
Avast has detected a number of mobile banking Trojans in recent months – a privacy and security threat that is on the rise. The banks targeted by cybercriminals and under the microscope in the survey include Citibank, Wells Fargo, Santander, HSBC, ING, Chase, Bank of Scotland and Sberbank.
Despite having strict security measures and safeguards in place, the large customer bases of each bank make them attractive targets for cybercriminals to develop fake apps that can mimic their official apps.
In November last year, Avast’s Threat Labs Mobile team discovered a new strain of the BankBot Trojan in Google Play targeting consumers’ bank login details. Avast analyzed the threat in collaboration with ESET and SfyLabs.
This latest variant was concealed in supposedly trustworthy flashlight and Solitaire apps. Once downloaded, the malware would initiate and target the apps of large blue chip banks. If a user opened the banking application, the malware would create a fake overlay on top of the genuine app with the goal of collecting the customer’s banking details and sending them on to the attacker.