Instances of financial fraud have been on an alarming rise in our country, especially in the world of digital banking.
As per latest reports, fake banking apps of several banks including State Bank of India, ICICI Bank, Axis and Citi Bank, which are easily available on Google Play store, have compromised the data of nearly 160,000 people, according to Sophos labs, a Global IT company.
These phoney apps made their way into Google Play store in the last few months, recreating a fake logo of the respective banks, making it difficult for customers to differentiate between these fake and original applications, claimed Sophos. This is known as Phishing attack, when a fake website or app is created to look like a genuine one, intended to steal login credentials and other details from unsuspecting users. Such stolen data is later used to withdraw money from such compromised accounts, or to make online payments.
Luring victims to download and use them, these bluff applications pose as e-wallets, offering rewards like free mobile data or interest fee loans, cash back on purchases and several other “too-good-to-be-true” offers, mentioned sources.
The most deceptive tactic is the one claiming to withdraw cash from an ATM and have it delivered to the users’ doorstep. Pankaj Kohli, threat researcher at Sophos Labs said, “These fake apps may have stolen several bank customers’ account data, including thousands of their credit card numbers, as well.”
The fake applications have also targeted the Indian Overseas Bank and Bank of Baroda, according to reports.
However, when some of the banks mentioned in the report were contacted, they claimed that they were unaware of the existence of these apps.
Yet, other banks have initiated inquiry and have also informed the CERT-In (the national nodal agency) regarding the computer security incident. YES Bank hs informed its cyber fraud department regarding the matter. Meanwhile, Citi Bank has denied any form of impact on their company, requesting Sophos to remove its name from such reports.