Bankless Times
Former Marine intelligence officer warns public about negligent malware

News Desk
January 31st, 2023

Banks need to view the latest generation of malware attacks as a warning call, Tim Condello urges.

Mr. Condello is the vice-president of cyber threat intelligence at user behavior analytics provider RedOwl. He recently published an article describing what banks need to know about the new Android malware.

Mr. Condello said this functionality was present in Android malware before GM Bot and SlemBunk, the GM Bot source code, was leaked. The current malware is more detailed in that it includes unique overlays for every one of the 94 financial institutions it targets.

Often the best safeguard against falling prey to the scam is a little common sense, Mr. Condello advised. Many overlays used by fraudsters are for sites where a user does not normally have to enter specific types of information.

“Social engineer malware users devise ways to prompt the user to enter their user name, password and credit card information,” Mr. Condello said. “Some will even ask for selfies with photo identification.”

Yet the malware has been remarkably effective, with some reports suggesting 200,000 devices have been infected. This malware would be immediately flagged if the user installed mobile anti-malware software. Alternatively, users can hit a button to see what other apps are running and notice the overlay running on top of the app. To remove the malware, remove its administrative rights and uninstall the app.

Luckily, banks have better options than SMS and voice for two-factor authentication, Mr. Condello said.

“They can use a different service like RSA SecurID or Google Authenticator.”

Mr. Condello explained why the two are better options.

“Android provides code to access SMS natively and that is why you can have multiple types of messaging apps. Now this makes it very simple for malware to also access SMS which in turn makes it simple for malware to capture 2FA tokens sent over SMS. Having a separate app for 2FA adds a layer of obstruction to this. It would require a compromise of the phone and the 2FA app to have something similar occur.”
