FBI Issues Warning of Uptick in Mobile Banking Malware During Pandemic

The FBI issued another warning recently about mobile banking applications. During the coronavirus pandemic, more people are downloading mobile banking apps so they can avoid the trip out to the financial institution and potentially expose themselves to the virus by making an in-person visit. Unfortunately, the hackers are also on top of this and are issuing their malware hoping it’ll get downloaded so they can steal banking credentials.

If you are doing more online and mobile banking these days, keep a few things in mind:

• Only download apps for your mobile devices from the official app stores for your devices. Be sure to read the reviews and make sure it’s the official app for your financial institution.

• Whenever available, especially for financial applications, enable two-factor authentication. This could mean getting a one-time code sent by text, receiving a phone call that includes a one-time code, getting a random code from a key fob or key generator app, an email with a special code, or possibly some other way. If you don’t know what your financial institution offers, give their customer service number a call and ask for help.

• Install an antivirus app on all mobile devices and make sure it’s always updated.

• Keep your banking credentials secure and never share your passwords or codes with anyone, including someone at the bank.

• Avoid doing financial transactions or other sensitive tasks using unsecured public WiFi. Wait until you can get to a secure location or use your mobile device’s cellular data connection.

• Always use strong passwords with at least eight characters and never use the same password for more than one online or mobile account.

There are a couple of ways criminals are exploiting this uptick in mobile use: 1) The malware may be downloaded and stay dormant on a device until a user actually installs a legitimate banking application. Then it comes to life and goes to work stealing information from that device or, 2) Fake applications are designed to look as close as possible to legitimate banking applications in hopes users will download those instead of the real ones. According to the announcement by the FBI, “These apps provide an error message after the attempted login and will use smartphone permission requests to obtain and bypass security codes texted to users.”

Studies have indicated a 50% increase in mobile banking in the U.S. since the beginning of 2020. As governments urge social distancing, more of us are willing to use online or mobile applications to do financial business transactions. Hackers are all too happy to take advantage of this situation. If you think an app is suspicious, contact your financial institution to make them aware of it. Sometimes this is the only way they know there may be an imposter out there.

by Stickley on Security