According to the Wall Street Journal, cyber thieves have a new way to hack into consumer bank accounts, and that is through mobile phones themselves. There has been an increase in malicious software programs which often work by stealing banking credentials when consumers log into accounts on their mobile phones. Essentially the software is gathering the mobile banking info to make a separate attack on the consumer account. The thought itself is more daunting than that of credit card fraud which is typically protected. One can imagine logging into their bank to find all of their accounts have been hacked and all of their money is gone. Therefore, consumers are looking to their bank to ensure that they are making the right choice when it comes to picking their mobile banking software providers.
Mobile banking technology is adapting in response to these threats becoming more complex. For example, two factor authentication, complex password requirements and biometric tools such as thumbprints. All of these options are designed to make sure the person really is who they say they are before they gain control of the account.
The reality is that there is not as much money in stolen credit cards as there used to be because there is a huge supply of stolen cards. It is the simple mechanics of supply and demand. As the market value decreased, enterprising cyber criminals had to think smarter and look for a new avenue to exploit. The answer has been malware which infects the consumer’s device and lays dormant until the mobile banking app is opened. When you open the app, the malware produces a fake front which you recognise as the usual interface, you type in your details and hey presto.
Most value the ease of mobile banking software but it has implicit vulnerabilities due to the number of potential ways to get someone to open a link and the limited or absent use of antivirus/anti-malware. So what can you do to protect yourself?
- Become well acquainted with the exact look of the banking app you use. If in doubt do not log in.
- Be really cautious with opening texts and any type of attachment that you do recognise.
- Regularly check your statements for any unusual transactions as some criminals only take a small amount first, like a pound. Do not dismiss a transaction you do not recognise because the amount is negligible. It may be a pre-cursor to a bigger attack.
- Consider one of the anti-malware protections available for your phone. Do your research before you install anything to ensure it is reputable.
This is not a problem that is going to go away which means banks and consumers need to be savvy when it comes to mobile banking technology.