Fake Login Pages To Steal Bank Data

Uploaded on 2023-12-01 in FREE TO VIEW, BUSINESS-Services-Financial

As retail banking services have been transformed by the Internet and Mobile technology, the apparent convenience of online transactions has come at a significant cost as cyber criminals have engaged in defrauding banks and their customers. Now, Australian bank users are being targeted in a new malware campaign. 

Unsuspecting victims are being deceived by highly convincing fake login pages on their banking apps, which appear to be authentic but are criminally motivated.

Customers of several major Australian banks are being deceived into downloading a malicious app in response to seemingly legitimate text and email messages from their bank. The messages contain links to a page that either tells you to download or to add some personal details. It is a new malware called Octo and it's the latest offering from cyber criminals which can be bought on the Dark Web.

Data obtained by the ABC television channel has uncovered what appears to be the first major distribution campaign of the malware which is capable of monitor telephone calls, collecting contacts, dodging antivirus software, bypassing multi-factor authentication and key-logging email and text messages. It can also do overlay attacks, which is what happens when hackers superimpose a fake login page over an authentic app, like the ones above, to trick you into giving up your credentials.

Many of Australia’s major Banks are caught up in this scam, including ANZ, Bank Australia, Bank of Melbourne., HSBC, WestPac and several others. Hundreds of Australians have reportedly become victims by downloading the malware onto their personal devices. 

The threat of cyber criminals using bogus login pages to steal banking information is pervasive. Banks and their online customers must be alert and resist complacency that their existing security measures are good enough to protect them and maintain their trust in online banking services. 

ABC:    McAfee:    NCSC:     TerraNova / Forta SecurityMalwarebytes:   Newsbreak

Image: Tumisu

You Might Also Read: 

HSBC Mobile Banking App Fails:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Global Effects Of The Internet On Society
Trouble At Three »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

RiskLens

RiskLens

RiskLens is a software company that specializes in the quantification of cybersecurity risk.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

Mondo

Mondo

Mondo is the largest national staffing agency specializing exclusively in high-end, niche IT, Tech, and Digital Marketing talent. Areas of expertise include Cybersecurity.

National Cyber Security Center (NCSC) - Hungary

National Cyber Security Center (NCSC) - Hungary

The National Cyber Security Center was established in 2015 by uniting the GovCERT-Hungary, National Electronic Information Security Authority (NEISA) and the Cyber Defence Management Authority (CDMA).

Cyfirma

Cyfirma

CYFIRMA offers Cyber threat visibility and intelligence suite and services aimed at keeping your organization’s cybersecurity posture up-to-date.

Mendoza Ventures

Mendoza Ventures

Mendoza Ventures is a venture capital fund focusing on pre-seed Artificial Intelligence (AI), Fintech, and Cybersecurity startups.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

WebSec

WebSec

WebSec is a cybersecurity firm based in Amsterdam (NL) and Wyoming (US), specializing in offensive security services including penetration testing, red teaming, and tailored security assessments.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.

Infinavate

Infinavate

Infinavate Fort CyberVault offers end-to-end services that comprehensively responds to the organization’s information security and privacy needs.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.