The digital age of banking has accelerated the payment process by providing personalized service to customers. It has enabled banks to improve their security systems and prevent fraud through technology-enabled biometric systems However, hackers have now developed a new way to scam your money by using Web APK technology. With this, hackers trick people into installing malicious apps on their phones. This becomes extremely dangerous when Android users install vulnerable banking web apps that prompt customers to submit their login credentials and two-factor authentication (2FA) tokens, leading to theft.
Earlier, cybercriminals used to create new applications and upload them to the Google Play Store. Once downloaded, they extract the required information of customers and transfer money from their bank accounts with it. After facing numerous lawsuits in the same manner, Google has decided to implement a new security system. It mandated the requirement of a DUNS number before web developers could submit their apps to the Play Store. DUNS is a nine-digit unique number, used to verify businesses.
APK Technology
Cray trending stories
However, Google Playstore is not required to install Web APK on your phone. It helps users install Progressive Web Apps (PWAs) on their devices. PWAs can be anything from Spotify to various banking apps. With this, hackers have now found a new way to enter malicious applications into your Android device.
According to a report by Hacker News, the attack started when users received an SMS message asking them to update their banking app present on their phone. “The link in the message led to a site that installed a malicious application on the victim’s device using Web APK technology,” the Computer Security Incident Response Team (CSIRT KNF) said, as quoted by Hacker News. CSIRT KNF is a group of IT security experts in the Polish financial sector.
Hence, it becomes important for you to be on guard against such phishing attacks which are now taking place through web APKs.
Here are 3 ways you can protect your phone from malicious apps:
1) Install from official source: Always download apps from trusted and authentic sources like Google Play Store. This will prevent any malicious apps from entering your device. Do not install apps from third-party sources. They often contain web APK links that can phish your personal information.
2) Avoid SMS app links: Do not install the bank application from any link you receive through SMS messages. Banks never ask their customers to download their services through text messages. Cross-check before going to the source of information.
3) Install Antivirus: In the age of digital warfare, it is important to have an antivirus on your laptop and smartphone This will protect you from any expected virus or malware attacks that may disrupt your system.
