Fake Login Pages To Steal Bank Data

Uploaded on 2023-12-01 in FREE TO VIEW, BUSINESS-Services-Financial

As retail banking services have been transformed by the Internet and Mobile technology, the apparent convenience of online transactions has come at a significant cost as cyber criminals have engaged in defrauding banks and their customers. Now, Australian bank users are being targeted in a new malware campaign. 

Unsuspecting victims are being deceived by highly convincing fake login pages on their banking apps, which appear to be authentic but are criminally motivated.

Customers of several major Australian banks are being deceived into downloading a malicious app in response to seemingly legitimate text and email messages from their bank. The messages contain links to a page that either tells you to download or to add some personal details. It is a new malware called Octo and it's the latest offering from cyber criminals which can be bought on the Dark Web.

Data obtained by the ABC television channel has uncovered what appears to be the first major distribution campaign of the malware which is capable of monitor telephone calls, collecting contacts, dodging antivirus software, bypassing multi-factor authentication and key-logging email and text messages. It can also do overlay attacks, which is what happens when hackers superimpose a fake login page over an authentic app, like the ones above, to trick you into giving up your credentials.

Many of Australia’s major Banks are caught up in this scam, including ANZ, Bank Australia, Bank of Melbourne., HSBC, WestPac and several others. Hundreds of Australians have reportedly become victims by downloading the malware onto their personal devices. 

The threat of cyber criminals using bogus login pages to steal banking information is pervasive. Banks and their online customers must be alert and resist complacency that their existing security measures are good enough to protect them and maintain their trust in online banking services. 

ABC:    McAfee:    NCSC:     TerraNova / Forta SecurityMalwarebytes:   Newsbreak

Image: Tumisu

You Might Also Read: 

HSBC Mobile Banking App Fails:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Global Effects Of The Internet On Society
Trouble At Three »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

Backup112

Backup112

Backup112 has been delivering professional cloud backup services since 2004.

Appdome

Appdome

Appdome is the industry's first mobile integration as a service company, providing solutions for enterprise mobility and mobile application security.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

Grip Security

Grip Security

Grip Security provides comprehensive visibility, governance and data security to help enterprises effortlessly secure a burgeoning and chaotic SaaS ecosystem.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

1898 & Co

1898 & Co

Keep your critical assets secure with a comprehensive portfolio of services from high-level assessments to fully managed security services designed for operational technology applications.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

Advent One

Advent One

Advent One are recognised for solving intricate dilemmas, not only making technology work but building foundations that customers can grow upon in an effective and secure way.

G-71

G-71

G-71 LeaksID is a cutting-edge ITM technology aimed at safeguarding sensitive documents from insider threats.

ResilientX

ResilientX

ResilientX is an All-In-One Security Testing Platform designed to help MSPs and SMBs to perform their security testing and assessments without having to outsource IT.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.