A warning has been issued by the ABS (Association of Banks in Singapore) regarding an application update for the popular messaging app WhatsApp, not instigated by the application maker, that is pointing to the smartphone banking customers. On Tuesday morning (Dec 1), ABS stated in a briefing, over the past three months, almost 50 Android mobile users have been hit by the hidden malware in software update.
This is the first time that Association of Banks has received complaints about fraud from the smartphone banking consumers. Although the number of infected users were not too much, it decided to release an alert as it expects the number of smartphone banking users to increase over time, and thus allow a massive target base for hackers.
The director of ABS, Mrs Ong-Ang Ai Boon said,
“Criminals have been targeting computer users. But now, criminals have turned to targeting Android phone users… as banks are pushing out more banking apps for user convenience.”
She added the targets are users of major retail banks located in Singapore. She explained, on the case-by-case basis the refunds may be made, however, users must prove that they took measures to shield their private banking info. The customers who were hit by the malware prompted through pop-up windows to update their battery management module, or WhatsApp, among others though surfing some malicious websites.
When the users click on the pop-up window, they were prompted to enter their details of the credit card. When the credit card info were entered, the virus took command of the mobile and seized the OTP (one time password) sent through the message to the mobile for making illegal internet transaction.
She said, some of the customers have lost up to thousands of dollars from multiple transactions that show to be initiated in Easter Europe. Even some airline tickets were purchased via fraudulent online transactions.
ABS advised the infected customers to stop doing any banking transactions on their mobiles anymore. Or the consumers can only perform online banking on their mobile once they reset their mobile to factory settings. This is the only way to remove this hidden malware, it might also have allowed cybercriminals to spy WhatsApp of the infected users – so factory resetting will make it possible to escape from that too.
Top/Featured Image: By arivera / Pixabay