Republic of the Philippines
National Police Commission
PHILIPPINE NATIONAL POLICE
Camp BGen Rafael T Crame, Quezon City
ACG-CYBER SECURITY BULLETIN NR 219: BEWARE OF MOBILE BANKING TROJANS
Reference Number ACG-CSB 092221219
The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG) and classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
Mobile banking trojans, also known as “bankers,” are being tapped by cybercriminals to steal funds directly from mobile bank accounts, according to global cybersecurity company Kaspersky Lab.
In its latest mobile threat report covering the second quarter of 2021 for Southeast Asia, the Russian cybersecurity service provider said it has monitored a 60-percent uptick in the number of attacks using malicious mobile banking Trojans—malicious software or malware—detected and blocked in the region
Kaspersky said malwares can easily deceive users because they typically look like legitimate financial apps. However, when a victim enters their security credentials to try to access their bank account, the attackers gain access to that private information.
Since the beginning of 2021, Kaspersky said its products have foiled 708 incidents across six countries in Southeast Asia. The company achieved 50 percent of the total number of mobile “bankers” blocked in 2020 at 1,408.
Indonesia and Vietnam had the biggest number of incidents during the first half of the year. However, Vietnam and Indonesia were not in the top 10 countries affected by this threat. Vietnam and Indonesia were ranked only 27th and 31st, respectively, as of June this year.
The five countries with the highest number of mobile banking Trojan detections in Q2 2021 are Russia, Japan, Turkey, Germany and France.
While the number of mobile banking Trojan attacks in Southeast Asia remains low at the moment, Kaspersky observed there was a rise with 367 incidents from April to June 2021 compared to 230 detections during the same period last year. It added the increase in the mobile payment users during the pandemic has been a big factor, according to Kaspersky.
“We are almost at the second year of the pandemic, which has fast-tracked the mobile payment adoption in the region at a breakneck speed. During the beginning of this health crisis, our survey already showed that the majority of internet users here have shifted finance-related activities online, like shopping [64 percent] and banking [47 percent],” Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky was quoted in a statement as saying.
In the same survey, Kaspersky disclosed that seven-in-10 (69 percent) expressed concern in conducting financial transactions online and 42 percent of the respondents admitted to being afraid about someone accessing their financial details through their devices.
All PNP personnel as well as the public are advised to follow the tips in order to avoid the risk of MOBILE BANKING TROJANS:
- To monitor your bank account, enable the SMS notification service of the mobile bank. Though all Trojans do not hack SMS, it is one of the effective ways.
- Carefully download and install third-party apps. Always try the apps of official stores such as Google Play Store or App Store or websites like SafeForPC.
- Before installing any app, carefully monitor the requests for permissions of the app. Try a reliable antivirus solution on your smartphone or tablet.
For additional information, please refer to the following websites:
POINT OF CONTACT