ESET researchers warn of the underestimated threat of fake banking apps, a type of mobile banking malware that impersonates legitimate finance applications to steal credentials for, or money from, its victims’ bank accounts.
Fake banking apps have strategic advantages that make them comparably effective to much more sophisticated types of malware with the same goals, according to ESET’s new research into the current Android banking malware landscape, “Android banking malware: Sophisticated Trojans vs. Fake banking apps.”
“Our analysis of the two types of banking malware – both of which have previously been discovered in the official Google Play store – has shown that the simple operation of fake banking apps comes with certain advantages that the feared banking Trojans don’t have,” said Lukáš Štefanko, ESET malware researcher.
The main strength of the fake apps, according to Štefanko, is their direct impersonation of legitimate banking applications. If users fall for the impersonation and install a fake banking app, there is a high chance they will treat the login screen displayed by the app as legitimate and submit their credentials. And, unlike banking Trojans, fake apps make no intrusive permission requests that could raise the users’ suspicion after installation. Besides this, sophisticated banking Trojans are more prone to detection because their advanced techniques act as triggers for various security measures.
“While banking Trojans have long been regarded as a serious threat to Android users, fake banking apps have sometimes been overlooked due to their limited capabilities. Despite not being technically advanced, we believe fake banking apps might be just as effective at emptying bank accounts as banking Trojans,” said Lukáš Štefanko.
To stay safe from banking malware, ESET experts recommend that users follow simple precautions: keep their Android device updated and use a reliable mobile security solution; stay away from unofficial app stores, if possible; and always keep “installation of apps from unknown sources” disabled on their device. The cybersecurity firm also suggested checking an app’s ratings, content of reviews, number of installs, and requested permissions before installing an app from Google Play, and continuing to pay attention to the app’s behavior after it is installed. Finally, users should only download banking and other finance apps if they are linked on the official website of the bank or financial service.