How safe is your mobile banking? | Gladstone Brookes

How safe is your mobile banking?

How safe is your mobile banking?

Cyber experts are warning consumers about a spoof mobile phone program which can steal your log-in details.

It is unclear how many people have unwittingly downloaded the Strandhogg program, but it is understood more than 60 financial institutions have been targeted.

Fake log in screens

The cyber thieves have found ‘a major security weakness’ in the Android software which allows them to create fake log in screens which can be inserted into legitimate apps to harvest your log in information.

Tom Hansen is the chief technology officer of Norwegian mobile security firm Promon which discovered the flaw. He said: “It targeted several banks in several countries and the malware successfully exploited end users to steal money.”

Malicious apps

The discovery was made after the firm started to analyse malicious apps which were responsible for draining bank accounts.

Said Tom Hansen: “We’d never seen this behaviour before. As the operating system gets more complex it’s hard to keep track of all its interactions.

This looks like the kind of thing that gets lost in that complexity.”

Trick

The Strandhogg vulnerability is used to trick mobile banking users into thinking they are using a legitimate app, but they are actually clicking into an overlay created by the hackers.

Once it was discovered Promon worked with an American firm called Lookout to scan the apps available on Android’s Play Store, they found 60 financial institutions had been targeted via apps that had been altered by Strandhogg linked to a well known money-stealing program known as ‘bankbot’.

Action

Google, who operate Play Store, said it had taken action to close the loophole but was keen to find out more about where it had come from.

In a statement it said: “We appreciate the researchers’ work and have suspended the potentially harmful apps they identified.”

”Additionally, we’re continuing to investigate in order to improve Google Play Protect’s ability to protect users against similar issues.”

Welcomed

Tom Hansen welcomed Google’s response and commitment to continue its investigations ‘as many other apps are potentially exploitable via the spoofing bug’.

He also warned that it was still possible to create fake overlay screens in Android 10 and other, earlier operating systems.

SCAMS – Quote wizard & Insurance TAX on PPI refunds!

We have been advised that the following numbers have contacted members of the public claiming to be connected to Quote wizard which is an insurance comparison site.

SCAMS – Quote wizard & Insurance TAX on PPI refunds!

We have been advised that the following numbers have contacted members of the public claiming to be connected to Quote wizard which is an insurance comparison site.

CHOSEN CHARITY – Christmas Toy Appeal 2020

It goes without saying that 2020 has been a pretty awful year for most of us and Christmas will be a very different affair than it as been in previous years.

CHOSEN CHARITY – Christmas Toy Appeal 2020

It goes without saying that 2020 has been a pretty awful year for most of us and Christmas will be a very different affair than it as been in previous years.

CHOSEN CHARITY – The Care Workers’ Charity

There is no doubt that 2020 has been a difficult year as the pandemic gripped the country causing thousands of deaths and hundreds of thousands of cases where people have ended up in hospital for extended periods of time as they fought off the effects if the virus.

News by month:

News by Category:


Menu