We have come across several fake apps on Android. Some of these are blatant rip-offs to the original ones meant to dupe users for several reasons. Now, a set of fake banking apps have hit the Google Play Store. These apps are said to steal data of the credit card users by duping them to fill in their card details and login credentials.
A new report claims that fake Android apps of ICICI Bank, HDFC Bank and RBL Bank have been used by the attackers on three separate occasions to collect the sensitive data from unsuspecting users. These fake apps have collected information such as credit card number, expiry date, CVV and login credentials by providing fake application forms.
According to the security firm ESET, the application for was allegedly meant to increase the credit card limit of the cardholders. In addition to collecting the information, the same was released online in plain text via an exposed server, the report adds. The listing of stolen credit card information on the server is accessible to anyone having the link without any authentication.
Notably, these fake banking applications were available for download on the Google Play Store in June and July this year. These were traced to one perpetrator and have been removed.
How to identify fake apps?
If you are confused how you can identify these fake banking apps, then you need to know that these apps offer no functionalities to the users as the original ones. These apps ask you to fill in your personal banking details and nothing else.
How do fake banking apps operate?
All these fake banking apps follow the same process. On opening these apps, a form will be displayed asking you to fill in your credit card details. If you fill the form and hit Submit, you will be taken to a different form asking for the login credentials. Soon after filling these forms, you will get a message that a Customer Service Executive will contact you shortly.
How to stay safe from bogus apps?
If you have installed and used such malicious apps, you should immediately uninstall these apps. Make sure you check your bank account to know if there was any suspicious activity and change your credit card PIN and your internet banking password immediately.
Also, you need to know that you should always install the mobile banking apps only from the official website of the bank. And, never let out your sensitive banking details in any online forms if you are sure of the legitimacy of the platform. Moreover, before you download any app from Google Play Store, check for the ratings, number of downloads and reviews of that app.