Six financial institutions including five banks and a cryptocurrency have been caught amidst a phishing scam. A number of apps on Google Play were impersonating banks from New Zealand, Australia, the United Kingdom, Switzerland, and Poland as well as cryptocurrency exchange Bitpanda.
The Google Play apps make use of bogus forms and impersonate legitimate services to phish for credit card details and login credentials of unsuspecting customers. The apps were published on Google Play in June 2018, and they have seen thousands of downloads before being taken down.
According to We Live Security “While the apps don’t follow one common procedure, upon launch they all display forms requesting credit card details and/or login credentials to the targeted bank or service. If users fill out such a form, the submitted data is sent to the attacker’s server. The apps then present their victims with a “Congratulations” or “Thank you” message, which is where their functionality ends.”
The developers of the malicious apps used different names to hide their identities. However, a detailed inspection by security researchers revealed the similarities in code proving that the apps have been built by the same attacker. The apps take advantage of code obfuscation which can prevent Google’s automated scanning systems from detecting the malicious code.
To prevent phishing scams, it is recommended to download apps from trusted sources only. Official websites of banks include Google Play and Apple Store links to their apps that are trusted. Downloading apps from Google’s platform does not mean that they are trusted while developers often finding loopholes to get past the security checks in place. However, Google’s platform is substantially more reliable than third-party stores which are often infested with malware.
What do you think about the malicious apps uploaded to Google Play? Let us know in the comments below. Also, share the news on social media and catch up with us on Facebook and Twitter.