It’s not the ideal way to start your lunch break but news has just come in that millions of customers of Australia’s banks are the target of a sophisticated attack which steals banking details.
According to Brisbane Times, customers of the Commonwealth Bank, Westpac, National Australia Bank and ANZ Bank are all at risk from malware which hides on infected Android mobile devices. It waits until users open mobile banking apps then places a fake login screen over the top of the legitimate login so it can steal your details.
There are over 20 mobile banking apps in Australia and New Zealand that are affected, and even the login screens for PayPal, eBay, Skype, WhatsApp have seen a similar scam.
Apart from Australia’s Big Four banks it targets a range of other financial institutions including Bendigo Bank, St. George Bank, Bankwest, ME Bank, ASB Bank, Bank of New Zealand and Kiwibank.
The scamming malware can also steal codes sent to your mobile device for authentication. When the complex programs get access to this information, thieves can log into the victims’ online banking account from anywhere in the world and transfer funds.
“This is a significant attack on the banking sector in Australia and New Zealand, and shouldn’t be taken lightly,” ESET senior research fellow Nick FitzGerald told Fairfax.
“While 20 banking apps have been targeted so far, there’s a high possibility the e-criminals involved will further develop this malware to attack more banking apps in the future.”
So what can you do?
If you have an Android device, go to Settings > Security > Device Administrators menu and check to see if ‘Flash Player’ is in the list. You can remove it from this list. A fake alert will come up saying you shouldn’t, but it’s safe.
It is then possible to uninstall the malware via Settings > Apps/Application manager > Flash Player > Uninstall.
If you have any further concerns, you should contact your manufacturer, or do a hard reset of your phone (after saving all important information).
The malware does not affect Apple phone users.