The digital age of banking has resulted in offering personalised services to its customers and has also made the payment process faster. It has enabled banks to enhance their security measures and prevent fraud through tech-equipped biometric systems. However, hackers have now devised a new way to scam you of your money through the use of Web APK technology. With the help of this, the hackers trick people into installing malicious apps on their phones. This becomes highly dangerous when Android users install unprotected banking web apps that urge the customers to submit their login credentials and two-factor authentication (2FA) tokens, hence resulting in theft.


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

Previously, cybercriminals used to make new applications and upload them to Google Play Store. When downloaded, they extract the necessary information of the customers and transfer the money from their bank account with the help of it. After facing numerous cases in the same manner, Google decided to implement a new security measure. It made the requirement of a D-U-N-S number compulsory for web developers before they submit their apps on the Play Store. D-U-N-S are the nine-digit unique number, which is used to verify businesses.


APK Technology


However, Web APK doesn’t require Google Playstore to get installed on your phone. It helps users in installing Progressive Web Apps (PWAs) on their devices. PWAs can be of any app ranging from Spotify to different banking apps. Through this, the hackers have now found a new way to enter the malicious application on your Android devices.


As per the report of Hacker News, the attack begins when the users receive an SMS message which asks them to update their banking apps present on their phone. “The link contained in the message led to a site that used Web APK technology to install a malicious application on the victim's device,” said Computer Security Incident Response Team (CSIRT KNF), as quoted by Hacker News. CSIRT KNF is a group of IT security experts in the Polish Financial sector.


Hence, it becomes important for you to remain careful of such phishing attacks which are now taking place through Web APKs.


Here Are 3 Ways In Which You Can Protect Your Phone From Malicious Apps:


1) Install from the official source: Always download the applications from a trusted and authentic source such as Google Play Store. It will prohibit the entry of any malicious apps on your device. Don't install apps from third-party sources. They often contain Web APK links which can phish out your personal information.


2) Avoid SMS app links: Never install the bank application from any link which you received through SMS messages. Banks never ask their customers to download their services through text messages. Cross-check the source of information before stepping into it.


3) Install antivirus: In the age of digital warfare, it's important to have an antivirus on your laptops and smartphones. It will protect you from any expected virus or malware attack which can disrupt your system.