rediff.com

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  

Rediff News  All News 
Rediff.com  » Business » Report says fake bank apps may have stolen thousands of customers' data

Report says fake bank apps may have stolen thousands of customers' data

October 24, 2018 11:26 IST

While some of the banks mentioned in the report said they have not come across any such fake apps, others have started an inquiry and also informed the CERT-In -- the national nodal agency for responding to computer security incident. 

Fake apps of SBI, ICICI Bank, Axis Bank, Citi and other leading banks are available on Google Play, which may have stolen the data of thousands of bank customers, claims a report by IT security firm SophosLabs. 

These fake android apps have the logo of respective banks which makes it difficult for customers to differentiate between the fake and original apps, it said.   

The report further said that the deceptive malware in these apps may have stolen thousands of customers' account and credit card details. 

 

While some of the banks mentioned in the report said they have not come across any such fake apps, others have started an inquiry and also informed the CERT-In -- the national nodal agency for responding to computer security incident.  

The fake apps target seven banks -- the SBI, ICICI Bank, Axis Bank, Indian Overseas, BoB, Yes Bank and Citi Bank, the report said. 

Another lender, Yes Bank, said it has informed the bank's cyber fraud department about the matter. 

However, the country's largest lender, State Bank of India's response was awaited. 

There were no immediate comment from ICICI Bank and Axis Bank. 

According to the report, the apps lured victims to download and use them, either by masquerading as Internet apps or e-wallets, and promising rewards, including cash back on purchases, free mobile data or interest free loans.  

Some even claimed to provide a too-good-to-be-true service, enabling users to withdraw cash from an ATM and have it delivered to their doorstep. 

"Deceptive malware may have stolen thousands of Indian sub-continent bank customers account data or credit card numbers," said Pankaj Kohli, threat researcher, SophosLabs. 

Fake apps are not new to Android and this sort of malware will continue to find its way into the app store, it said. 

"Some are blatant copies of real apps, while a few are much more dangerous as they seed malware and steal data from user accounts. Users should always use antivirus software, which provides malware protection and internet security to keep users protected and stop these fake apps from stealing data," it said.

Image used for representational purpose. Photograph: Shannon Stapleton/Reuters. 

© Copyright 2018 PTI. All rights reserved. Republication or redistribution of PTI content, including by framing or similar means, is expressly prohibited without the prior written consent.