Fake Login Pages To Steal Bank Data

Retail banking services have been transformed by the Internet and mobile technology, but the apparent convenience of online transactions has come at a significant cost, as cyber criminals have engaged in defrauding banks and their customers. Now, Australian bank users are being targeted in a new malware campaign.

Unsuspecting victims are being deceived by highly convincing fake login pages on their banking apps, which appear authentic but are the work of criminals.

Customers of several major Australian banks are being deceived into downloading a malicious app in response to seemingly legitimate text and email messages from their bank. The messages contain links to a page that tells you either to download the app or to add some personal details. The malware, called Octo, is new; it is the latest offering from cyber criminals and can be bought on the Dark Web.

Data obtained by the ABC television channel has uncovered what appears to be the first major distribution campaign of the malware, which is capable of monitoring telephone calls, collecting contacts, dodging antivirus software, bypassing multi-factor authentication and key-logging email and text messages. It can also carry out overlay attacks, in which hackers superimpose a fake login page over an authentic app, like the ones above, to trick you into giving up your credentials.

Many of Australia’s major banks are caught up in this scam, including ANZ, Bank Australia, Bank of Melbourne, HSBC, Westpac and several others. Hundreds of Australians have reportedly become victims by downloading the malware onto their personal devices.

The threat of cyber criminals using bogus login pages to steal banking information is pervasive. Banks and their online customers must stay alert and resist the complacent assumption that their existing security measures are good enough to protect them and to maintain their trust in online banking services.

Sources: ABC, McAfee, NCSC, TerraNova / Forta Security, Malwarebytes, Newsbreak

Image: Tumisu
