Android banking Trojans are becoming the first attack against banking information of users who use this operating system, after considerable growth throughout 2018.
Financial phishing attacks are increasing considerably in recent times. Security and analytics firm Kaspersky has reported that attacks by banking Trojans have increased by 16% year-over-year among its users. But worst of all, is that this increase has been observed especially in Android users, who have seen how these attacks have tripled compared to the previous year.
“Kaspersky detected almost 900,000 banking phishing attacks worldwide in 2018, which represents an increase of 16% compared to 2017.”
A banking Trojan is a malware that poses as an application, home page or software of your bank to make you believe that where you are entering your access credentials is a trustworthy site, when it is not.
Once the user enters their credentials through these fraudulent accesses, their access data will go to an external server accessible by cybercriminals who would already have their banking information to be able to empty the account.
Each banking type malware works in a different way. On the one hand the Trojan Marcher what it does is superimpose a false window on the user’s genuine banking application to steal the access credentials. As for the banking Trojan Zeus what it does is to direct Windows users through false emails and forced downloads to enter their information. Special attention banking allaware Backswap that has arrived in Spain.
While Russia and Germany accounted for almost 43% of all these banking attacks, the increase has also been seen in the rest of the world. However, countries such as India, Italy, Vietnam and the United States account for almost 20% of all banking attacks.
Although perhaps the excessive presence of the RTM banking Trojan, which has been recorded in a great majority of recent attacks, has caused a considerable increase in the activity of financial phishing worldwide.
The best weapon to fight against banking Trojans is common sense and other methods. Therefore never click on emails that your bank is supposed to send you, since they never contact you in this way with you. On the other hand always make sure that you access through Google to the page of your bank, observing your security credentials by clicking on the padlock next to the address of the page.