Skip nav to main content.

FBI Issues Warning That Mobile Banking Apps Increasingly Targeted By Malware As…

WASHINGTON–The FBI has issued a warning that cybercriminals and fraudsters are increasingly targeting mobile banking apps with malware as part of efforts to steal credentials and conduct account takeover attacks.

In a public alert, the Bureau’s Internet Crime Complaint Center warns that criminals have looked to take advantage of the COVID-19 pandemic to increasingly attempt to get malicious apps installed as more consumers are forced to use mobile apps for their finances.

“Americans are increasingly using their mobile devices to conduct banking activities such as cashing checks and transferring funds,” the FBI said in its alert. “As the public increases its use of mobile banking apps, partially due to increased time at home, the FBI anticipates cyber threat actors will exploit these platforms.”

The alert also  warns it expects to see the surge in fraudulent trojans continue as people remain working at home.

Trojans Disguise Malware

The FBI said crooks have increasingly turned to  trojans to target customers/members by disguising the malware as legitimate apps, games or other tools. When a mobile banking customer attempts to launch the malicious app, the dormant Trojan is triggered and prompts a fake login page that overlays the legitimate app for credential stealing, the FBI said.

In addition, cybercriminals and fraudsters are also using fake apps that impersonate the real financial apps to target their victims. “These apps provide an error message after the attempted login and will use smartphone permission requests to obtain and bypass security codes texted to users,” the FBI notes.

The Bureau further cautioned the crooks continue to use mobile phishing campaigns to directly target consumers.