Be very careful if you receive this message on your Android and iPhone
Malware on our devices is an increasingly serious threat. Cybersecurity has become vital if we want to protect our privacy or our bank account, and we have a new example in a new phishing campaign affecting Android and iOS phones.
It was ESET Research that discovered a new unusual phishing campaign targeting mobile users. The problem is that this new phishing campaign uses a technique that enables the installation of a malicious application from a website even if the user did not authorize the installation.
A phishing attack using a new system has been detected in the Czech Republic by ESET analysts working on the ESET Brand Intelligence service, and it could spread to other countries, including the Arab countries.
The scam is very complete. Either through SMS, call or link, they pretend to be your bank to tell you that the official app is not working properly and you need to download a new version.
After opening the URL received in the first stage, Android victims are faced with two different campaigns. On the one hand, a high-quality phishing page that mimics the official Google Play Store page of the targeted bank’s app, or a cloned website of that app. From there, victims are prompted to install a “new version” of the banking app, which is actually a Progressive Web App (PWA).
These PWAs are websites that act as apps, so online scammers can impersonate the banking entity on duty so that you think you are on the right app. Plus, by having a shortcut, it looks like a real app.
Beware, the threat has also been directed at iOS users. To do so, they trick victims into adding a Progressive Web App (PWA) to their home screens. Obviously, the moment you enter your personal details, cybercriminals will be able to access your bank accounts and empty them in record time.
So, if you receive a message from your bank saying you need to update the app and inviting you to click on a link, be very skeptical.
The best sneaky methods to save money
What to do if you answer an unwanted call and are a victim of a scam without realizing it
MyHeritage now lets you animate old or new family photos into deepfake videos
Is the Pixel 9 Not Right for You? Explore These Wonderful Substitutes