Escalating Security Breaches In Mobile Banking Apps: FBI Warns Public to Steadfast Security
As the public keeps increasing their use of mobile banking apps on an extensive scale. It is mostly due to increased time at home due to the widespread pandemic, so the FBI firmly expects cybercriminals to take advantage of these platforms.
Even before COVID-19 arrived, more than 75% of Americans used mobile banking in 2019. There has been a 50% increase in their use since the start of the year. In addition, 36% of Americans expect to use mobile apps to conduct their banking, while 20% prefer less frequent visits to their local branches.
As a result, the FBI has said that it expects cybercriminals to target and exploit banking customers with bogus banking apps and trojans.
Fake Banking Apps
Fake bank apps spoof major banks’ actual apps to trick users into logging in their account credentials. Specifically, when someone tries to sign in and then uses smartphone permission requests to bypass the authentication codes sent to users, these apps display an error message. According to research firms, nearly 65,000 fake apps were detected on major app stores in 2019.
App-based banking trojans
Cybercriminals also create trojans in the banking sector, which are malicious applications that disguise as games or utilities. When a user launches a legitimate banking application, the downloaded trojan comes alive to display a fake version of the bank’s login page on top of the legitimate application. Then the user enters their bank account credentials so they do not know they have been hacked.
The FBI suggests the following advice to help users protect themselves from fake or compromised bank apps.
Download apps from trustworthy sources. Online app stores like App Store and Play Store have initialized search for malicious content on their app stores. Most US banks also provide their websites with links with their mobile apps. Bank applications and other mobile services can only be downloaded from approved app stores or from bank websites.
Call the bank about an app that is suspicious. If you receive a phone call from someone who claims to be from your bank, it could be malicious. Banks can request a PIN number but will never ask for your username and password. If the phone call appears suspicious, hang up and call the bank directly.
Beware of email links or text messages. In order to spoof actual correspondence from banks and financial institutions, cybercrimes create spam emails and text messages. These phony communications contain links that lead users to malicious landing pages where they unknowingly enter their banking credentials for logging in.
Adopt strong and secure passwords. Cybercriminals can easily take advantage of leaked accounts using weak passwords or using the same passwords again. The FBI advises people to create passwords that include upper case letters, lower case letters, and symbols; use a minimum of eight characters per password; create unique passwords for banking applications, and use a password manager or password management service.
Using two-factor authentication protection (2FA). Surveys show that many users do not allow two-factor authentication, due in some cases to the inconvenience. But 2FA is an effective way to protect your account by having extra means to verify your identity, including a text code on your phone or confirmation through face recognition or fingerprint.
These days, security breaches are more common than ever. The destructive skills of Cyber Criminals seem to evolve as emerging technologies and global data progress.
Analyzing the specifics of the business of each firm and spending more in cybersecurity is the best way to escape risks and help the rising company detect and predict the increasing number of cybercrimes.