Fake apps of SBI, ICICI, Axis Bank, Citi and other leading banks are available on Google Play, which may have stolen data of thousands of bank customers, claims a report by IT security firm Sophos Labs.
These
fake android apps have logo of respective banks which makes it difficult for customers to differentiate between the
fake and original apps, it said. The report further said that the deceptive malware in these apps may
have stolen thousands of customers' account and credit card details.
When contacted some of the banks mentioned in the report said they have not come across any such
fake apps. However, some banks have started inquiry and also informed the
CERT-In -- the national nodal agency for responding to computer security
incident. The
fake apps target total seven banks like SBI, ICICI, Axis, Indian Overseas, BoB, Yes Bank and Citi Bank, the report said.
Another lender Yes Bank said it has informed the bank's cyber fraud department about the matter. However, the country's largest lender State Bank of India's response was awaited. There were no immediate comments from ICICI Bank and Axis Bank.
According to the report, the apps lured victims to download and use
them, either by masquerading as Internet apps or e-wallets, promising
rewards, including cash back on purchases, free mobile data or interest
free loans.
Some even claimed to be providing a too-good-to-be-true service,
enabling users to withdraw cash from an ATM and have it delivered to
their doorstep.
"Deceptive malware may have stolen thousands of Indian sub-continent
bank customers account data or credit card numbers," said Pankaj Kohli,
threat researcher, SophosLabs.
Fake apps are not new to Android and this sort of malware will continue to find its way into the android
app store, it said.
"Some are blatant copies of real apps, while a few are much more
dangerous as they seed malware and steal data from user accounts. Users
should always use antivirus software, which provides malware protection and internet security to keep users protected and stop these
fake apps from stealing data," it said.
Source- Economic Times
Source- Economic Times