Mobile malware is growing in prevalence. According to a new 2017 Mobile Banking Malware report from Javelin Research, roughly 7.7 million mobile banking users have downloaded phone apps from unofficial or third party app stores.
Why is this a problem? Unofficial apps often contain malicious advertising or code. This malware could give cyber criminals access to your data—including financial information—when you access mobile banking. The millions of users who bank by phone and “sideload” third party apps may already have phones riddled with malware putting over $220 billion in financial assets potentially at risk.
“(The) potential risk is tremendous as malware operators and fraudsters shift their focus from foreign markets to the U.S. Existing malware features have the capability to circumvent the most prevalent authentication methods used in the U.S.,” the authors stated.
These developments mean that banks and other financial institutions need to beef up their security for apps and authentications rapidly. As mobile wallets and person-to-person (P2P) payments expand, fraudsters will pursue these new avenues.
Javelin’s team predicts a surge in mobile banking malware in the coming year or two. For smartphone users, take these actions:
- Avoid downloading from a third party app store. Many offer popular apps for a lower price or for free. Malware is the cost you pay if you bite this bait. While officially sanctioned apps from the Google Play or the Apple store can still carry malware, the risk is far lower.
- Question every email even those that come from acquaintances. The first method of attack could be a phishing attack that drops into your inbox.
- Never use to a free WiFi network to bank online.
- Add anti-virus security to your mobile device.
- Set your phone to alert you before it joins any unfamiliar network.
- Update your devices regularly to get all security improvements.
- Never share your login credentials
- Consider adding 2-step authentication.
- Challenge (and reject) any app that asks for admin permissions. Flashlight apps, for example, should never make such requests. Do the permissions requested align with the app’s function? If not, deny!
Banking on the go offers great convenience. However, that convenience disappears if anyone gains access to your account. Keep an eye on all transactions by reviewing bank statements and establishing alerts to notify you of unusual expenditures.