If you are using mobile bank apps to complete money transactions, you need to be extra careful as researchers at cybersecurity firm Kaspersky have identified a new version of the Ginp banking Trojan that can insert fake text messages into the Inbox of a regular SMS app in a bid to obtain banking credentials of unsuspecting users. In simple words, the malware can access all your bank details.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

The malware urges victims to open their bank apps with SMS and push notifications, then overlays these apps and steals banking credentials. Most of these messages sent to fool smartphone users, appear under the guise of reputable vendors informing users about an undesired event like blocked account access.

These messages ask users to open the application to continue. Once done, the Trojan overlays the original window and asks them to input the credentials for a credit card or a bank account. As a result, their payment details are handed over to cybercriminals.

WATCH Zee Business TV LIVE Streaming Online -

"Ginp is simple, but efficient - and effective. And the rate at which it evolves and acquires new capabilities is concerning. While this attack has so far only been seen in Spain, based on our previous experience, this Trojan could begin to emerge in other countries as well; Android users need to be on alert," Alexander Eremin, security expert at Kaspersky, said in a statement.

As these malware can also intercept one-time confirmation codes from banks, they can siphon off funds without the victim noticing. Not just this, they can also infect your smartphones by sending a bad download link. Some malicious apps are more creative, using SMS access to distribute other things in your name, such as offensive text messages.