NAT-SMS-FRAUD1-(Read-Only)
A fake bank SMS Image Credit: Supplied

Dubai: Have you got an SMS informing you that your ATM has been blocked? Does the message then instruct you to call a certain cell phone to ensure that your ATM works properly?

You are not alone. Scores of UAE residents have got similar mobile malware designed to steal credentials and money from bank accounts.

Kaspersky Lab researchers said there has been an alarming increase in malware attacks worldwide in the first quarter of 2019.

Researchers found 29,741 malware files during this period compared to 18,501 in the fourth quarter of 2018.

Mobile banking Trojans top the list of cyber threats. If you use your cell phone to pay bills and transfer funds, this sophisticated banking malware can soon become your worst enemy.

3.24 %


of mobile malware in first quarter of 2019 were Trojans

Emirates NBD has warned customers about one such banking Trojan called BankBot which tricks users into handing over their bank details by presenting an overlay window which looks identical to a bank’s app login page.

“We have discovered that some mobile applications on Android app stores have been infected with the Bankbot malware. The primary goal of Bankbot is to steal banking user IDs, passwords, pins, and phone numbers. It is also capable of intercepting SMS messages. Once the infected application has been downloaded and installed and it recognises that a user has the Emirates NBD mobile application already installed on the phone, it pops up a screen (like an overlay) for the user to enter sensitive financial information such as passwords and pins,” says an advisory on the bank’s website www.emiratesnbd.com.

Banking Trojans

NAT SMS FRAUD1-1560253433361

Kaspersky Lab said mobile banking Trojans are one of the most rapidly-developing, flexible and dangerous types of malware. Recently 29 banking Trojans were discovered on Google Play

The malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to that too.

In Q1 2019, Kaspersky Lab detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users.

“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms. For example, a recent tendency is to hide the banking Trojan in a dropper — the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival,” — said Victor Chebyshev, a security researcher at Kaspersky Lab.

How to reduce the risk of infection with banking Trojans

■ Install applications only from trusted sources, ideally — from the official app store;

■ Check permissions requested by the app — if they do not correspond with the app’s task (e.g. a reader asks to access your messages and calls), this can be a sign of an unscrupulous app;

■ Use a robust security solution to protect you from malicious software and its actions. For instance, the free version of Kaspersky internet Security for Android.

■ Do not click on links in spam emails;

■ Do not perform the rooting procedure of the device that will provide cybercriminals with limitless capabilities.

What are mobile banking trojans

Mobile banking Trojans are malwares disguised as legitimate banking apps to lure people into installing them. Once the app is launched, the Trojan displays its own interface, which is designed to steal any credentials entered.

Mobile banking Trojans accounted for 3.24 per cent of all mobile malware in Q1 2019, up from 1.85 per cent in Q4 2018