Safe Banking Tips

NEW MALWARE ATTACK "AGENT SMITH" ON ANDROID SMARTPHONES
A new malware named "Agent Smith", targeting Android devices, has been observed spreading widely. The malware can automatically replace the apps installed on an infected device with malicious versions without the user's knowledge. It is estimated to have infected nearly 25 million mobile devices worldwide. The malware mainly spreads through apps installed from third-party app stores such as 9Apps, and targets Hindi-, Arabic-, Russian- and Indonesian-speaking users. The malware is capable of the following:
 1.    Exploits Android vulnerabilities and then replaces installed apps with malicious versions.
 2.    Displays fake ads for financial gain, steals banking credentials and eavesdrops on the user.
 3.    Shares features with the Gooligan, HummingBad and CopyCat malware families.
 4.    Makes use of loopholes in the Android security environment such as Janus, Bundle and Man-in-the-Disk to build a 3-stage infection chain.
 5.    Hides its icon from the launcher and impersonates a legitimate app.

The malware works through a 3-stage infection chain:
 1.    Victims are lured into installing dropper apps (photo utilities, games, etc.) that contain a weaponised Feng Shui Bundle as encrypted asset files.
 2.    The dropper decrypts itself and installs the core malware APK, which impersonates Google Updater, Google Update for U or "com.google.vending". This APK performs the malicious patching and updating of apps.
 3.    The malicious APK enumerates the installed apps and compares them with a list of targeted apps (hardcoded, or sent from the C&C server). If an installed app matches the list, its APK is extracted, its code is modified to include the malicious code, and the app is reinstalled under the guise of an app update.
The list of targeted apps hardcoded in the malware is given below.
     1.    Whatsapp
     2.    lenovo.anyshare.gps
     3.    mxtech.videoplayer.ad
     4.    jio.jioplay.tv
     5.    jio.media.jiobeats
     6.    jiochat.jiochatapp
     7.    jio.join
     8.    good.gamecollection
     9.    opera.mini.native
    10.    startv.hotstar
    11.    meitu.beautyplusme
    12.    domobile.applock
    13.    touchtype.swiftkey
    14.    flipkart.android
    15.    cn.xender
    16.    eterno
    17.    truecaller

The list above is current as of this date; the number of targeted apps continues to grow.
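As an added example (not from the advisory or the bank), the following Python script applies the target list above as a triage heuristic over the output of `adb shell pm list packages -i`; the sample output is constructed, and the line format and the Play Store package name `com.android.vending` are assumptions.

```python
"""Heuristic triage of an Android package list against the Agent Smith target list.

Added example, not part of the advisory. Input is the output of
`adb shell pm list packages -i`, assumed to look like
`package:<name>  installer=<installer or null>`. It flags:
  * packages named like the Google component the malware impersonates; and
  * targeted apps whose recorded installer is not the Play Store, which is
    what an app reinstalled by the malware as a fake "update" would look like.
"""
import re

# Package-name fragments hard-coded in the malware, as listed in the advisory.
TARGET_FRAGMENTS = (
    "whatsapp", "lenovo.anyshare.gps", "mxtech.videoplayer.ad", "jio.jioplay.tv",
    "jio.media.jiobeats", "jiochat.jiochatapp", "jio.join", "good.gamecollection",
    "opera.mini.native", "startv.hotstar", "meitu.beautyplusme", "domobile.applock",
    "touchtype.swiftkey", "flipkart.android", "cn.xender", "eterno", "truecaller",
)
# Name the core malware APK impersonates, per the advisory (not a real Google package).
IMPERSONATED = {"com.google.vending"}
# The genuine Google Play Store package (assumption); anything else is treated as sideloaded.
TRUSTED_INSTALLERS = {"com.android.vending"}

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<inst>\S+)\s*$")


def parse_package_list(text):
    """Parse `pm list packages -i` output into {package_name: installer}."""
    packages = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # ignore blank lines and anything that is not a package line
            packages[m.group("pkg")] = m.group("inst")
    return packages


def triage(packages):
    """Return (package, reason) pairs worth a closer look, in package-name order."""
    findings = []
    for pkg, installer in sorted(packages.items()):
        if pkg in IMPERSONATED:
            findings.append((pkg, "name matches a component impersonated by Agent Smith"))
            continue
        targeted = any(frag in pkg.lower() for frag in TARGET_FRAGMENTS)
        if targeted and installer not in TRUSTED_INSTALLERS:
            findings.append((pkg, f"targeted app not installed by the Play Store "
                                  f"(installer={installer}); reinstall from the official store"))
    return findings


# Constructed sample output; a real device would produce many more lines.
SAMPLE = """\
package:com.whatsapp  installer=com.android.vending
package:com.lenovo.anyshare.gps  installer=null
package:com.google.vending  installer=null
package:com.truecaller  installer=com.android.vending
package:com.example.notes  installer=null
"""

if __name__ == "__main__":
    for pkg, reason in triage(parse_package_list(SAMPLE)):
        print(f"{pkg}: {reason}")
```

A hit is a reason to reinstall from the official store and scan the device, not proof of infection: legitimately sideloaded apps produce the same signal.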

Countermeasures:
   1.    If you have been infected through apps such as those mentioned above, uninstall them and, if required, reinstall them from authentic app stores.
   2.    Do not download and install applications from untrusted sources (offered via unknown websites or links in unscrupulous messages). Install applications downloaded from reputed application markets only.
   3.    Install and maintain an updated antivirus solution on Android devices. Scan a suspected device with antivirus solutions to detect and clean infections.
   4.    Before downloading or installing apps on Android devices (even from the Google Play Store), always review the app details, number of downloads, user reviews, comments and the "ADDITIONAL INFORMATION" section.
   5.    Verify app permissions and grant only those permissions that are relevant to the app's purpose.
   6.    In settings, do not enable installation of apps from "Untrusted Sources". Exercise caution when clicking links on trusted or untrusted sites.
   7.    Install Android updates and patches as and when they are made available by Android device vendors.
   8.    Use device encryption or the external SD card encryption feature available with most Android OS versions.
   9.    Do not download or open attachments in emails received from untrusted sources, or received unexpectedly from trusted users.
  10.    Avoid using unsecured, unknown Wi-Fi networks. Rogue Wi-Fi access points at public places may be used to distribute malicious applications.
  11.    Confirm that the banking app you are using is the official, verified version. If anything looks awry or suddenly unfamiliar, check with your bank's customer service team.
  12.    Use two-factor authentication if it is available.
  13.    Make sure you have a strong AI-powered mobile antivirus installed to detect and block this kind of malware if it ever makes its way onto your device.


A new modus operandi for fraudulent transactions in UPI applications has been observed, through which a fraudster can easily take remote access of a victim's mobile device and carry out transactions.

Details are as under:

The fraudster lures the victim, on some pretext, into downloading an app called 'AnyDesk' from the Play Store or App Store. Note that there are other apps similar to 'AnyDesk' that provide remote access to a device for other users.

A 9-digit app code is generated on the victim's device, which the fraudster asks the victim to share.

Once the fraudster enters this 9-digit app code on his own device, he asks the victim to grant certain permissions, similar to those required by other apps.

After this, the fraudster gains access to the victim's device.

The mobile app credentials are then vished from the customer, and the fraudster can carry out transactions through the mobile app already installed on the customer's device.

The above modus operandi can be used to carry out transactions through any mobile banking or payment app (including UPI, wallets, etc.).

In this connection, we request you to guide our customers to take adequate care while installing unknown or untrusted applications on the devices they use for online transactions.

Mobile Banking - Safety Tips

  • Keep your mobile device always up to date with security patches.
  • While installing an application, grant only the minimum permissions it requires.
  • Do not install mobile applications shared via URL links or mail; only install applications from the authorised Play/App Store.
  • Do not follow any URL in a message that you are not sure about.
  • Never leave your mobile phone unattended.
  • Log out from the mobile banking/UPI application as soon as you have completed your transactions.
  • Avoid using unsecured Wi-Fi, public or shared networks.
  • Protect your mobile device with a password against unauthorised access. Set up a PIN/password that is difficult to crack.



Tips for safe and secure UPI/Mobile Banking transactions:


  • Ensure the app is downloaded from trusted sources. Just because the name of an app resembles the name of the bank, do not assume it is the official Vijaya Bank app. It could be a fraudulent app designed to trick users into believing the service is legitimate.
  • Do not modify the mobile phone's core configuration, technically called jailbreaking or rooting the device. It makes your mobile phone susceptible to infection by a virus, Trojan or malware.
  • Be alert to changes in your mobile phone's performance. If you download a new application and your mobile phone starts behaving differently (for example, responding slowly to commands or draining its battery faster), that could be a sign that malicious code is present on your mobile phone.
  • Monitor your financial records and accounts regularly. Use electronic account alerts sent to your email or mobile device on account activity. Regularly review your statements through online banking. This will enable you to spot any suspicious activity.
  • Vijaya Bank will never ask for your password under any circumstances. Do not tell your password to others under any circumstances (including mobile phone support operators or mobile phone sales representatives). Fraudsters will try to obtain mobile banking passwords by e-mail, letter or phone call, asking for your mobile banking account number, username, password and other important information. If you have any doubts, please contact Vijaya Bank customer care.
  • Use strong passwords that are not easily guessable. They should be composed of numbers, letters (upper case and lower case) and special characters.
  • It is good practice to change your mobile banking password regularly.
  • Do not lend your phone to others with the mobile banking function open; this prevents misuse and deters others from spying on your personal information.
  • Do not use your device on an unsecured Wi-Fi network or in a public place.
  • Do not send account numbers or other sensitive information through regular e-mails or text messages, because those are not necessarily secure.
  • Password-protect your mobile device and lock it when it is not in use. Keep your mobile device in a safe location.
  • Delete text messages from your financial institution on your mobile device, especially if they contain sensitive information.
  • If you change your mobile number, immediately contact Vijaya Bank to update the details of your mobile banking profile. You should also take additional precautions in case your device is lost or stolen. Check with your wireless provider in advance about features that let you remotely erase content or turn off access to your device or account if it is lost or stolen.
  • Install mobile security software on your mobile phone.


Best Practices for Users & customers to mitigate risks related to micro ATMs:
1.    Before using a Micro ATM, ensure that there are no strange objects in the card insertion panel of the ATM (to avoid skimming).
2.    Cover the PIN pad while entering your PIN. Destroy transaction receipts securely after reviewing them.
3.    Change your ATM PIN on a regular basis.
4.    Keep a close eye on bank statements, and dispute any unauthorised charges or withdrawals immediately.
5.    Shred anything that has a credit card number written on it (bills, etc.).
6.    Notify credit/debit card issuers in advance of a change of address.
7.    Do not accept a card received directly from the bank if it is damaged or its seal is open.
8.    Do not write the PIN on the credit/debit card.
9.    Do not disclose your card number or ATM PIN to anyone.
10.    Do not hand over the card to anyone, even if he/she claims to represent the Bank.
11.    Do not get carried away by strangers who try to help you use the Micro ATM machine.
12.    Do not transfer or share account details with unknown or unvalidated sources.
13.    In case of any suspected transactions or loss of cards, contact the service provider/bank immediately.


Do's and Don'ts for the reported Malware Gooligan on Android Mobiles:
1.    Do not download and install applications from untrusted sources. Install applications downloaded from reputed application markets only.
2.    Do not click on banners, pop-ups or ad notifications.
3.    Turn on 2-factor authentication for your Google and other accounts.
4.    Run a full system scan on the device with a mobile security or mobile antivirus solution.
5.    Check the permissions required by an application before installing it.
6.    Exercise caution when clicking links on trusted or untrusted sites.
7.    Install Android updates and patches as and when they are made available by Android device vendors. Install and maintain an updated mobile security/antivirus solution.
8.    Use device encryption or the external SD card encryption feature available with most Android OS versions.
9.    Keep an eye on data usage and any unusual increase in mobile bills.
10.    Use Android Device Manager to locate, remotely lock or erase your device.
11.    Avoid using unsecured, unknown Wi-Fi networks. Rogue Wi-Fi access points at public places may be used to distribute malicious applications.

Countermeasures on suspected mobiles:
1.    Scan the suspected device with antivirus solutions to detect and clean infections.
2.    Disable the account synchronisation option on the infected device.
3.    Log out of all synchronised accounts such as Gmail, Facebook, etc. and change their passwords using a clean system. Users should enable 2-factor authentication for additional security.
4.    Try to clean the infection using the factory reset option; if that does not work, re-flash the firmware to install a fresh operating system on the mobile device. Before re-flashing, back up your important information such as contacts, messages, images, etc. to an external device.
5.    Re-flash all other devices with which these accounts are synchronised.



SMiShing-Phishing through SMS – a Social Engineering technique

Many people assume mobile phones are safe, and don’t realize that malware and phishing attacks are also a concern for mobile devices. Text messaging is one of the most common features used on mobile phones. There are billions of text messages received around the world each day, and a growing number of these are spam, phishing, or other malicious attacks.

SMiShing (which is a combination of SMS and Phishing) is a form of criminal activity using social engineering techniques. Phishing is the act of attempting to obtain personal information (such as passwords and financial details) by impersonating a trustworthy business in an electronic communication. Short Message Service (SMS) is the technology used for text messages on mobile phones. By combining the two, SMiShing utilises mobile phone text messages to trick people into disclosing their personal or financial information via a link to a false website, or via a fake telephone number.

Types of SMiSh Messages

According to a study, more than 90% of text messages are opened within 15 minutes of being received. This is the main reason so many SMiSh attempts are successful. Criminals prey on this immediate responsiveness.

They may be offering you something for free (e.g. “The first 20 responses win a Rs.2000 supermarket gift card”) or be advertising an amazing discount that is only available if you “ACT NOW!”.

SMiSh messages may also urge you to respond immediately to keep something bad from happening. For example, the message might appear to be from your bank, telling you that your credit has been compromised and you need to verify your account straight away using a web link (which will actually direct you to a phishing website that will steal your banking credentials).

SMiShing can be independent (where the scam is solely in message form) or can be used as a sub-set of Vishing (where the message asks you to call a number). Instead of receiving a call impersonating the taxation office, the victim will receive an SMS saying something like, "This is the Income Tax department. You are eligible for a Rs.10000 refund. Call us on XXXXXXXXXXX to find out more".

Ways to avoid SMiShing Attacks

Avoid tapping links within text messages. Be extra cautious if the message appears to come from someone you know, because the SMS ID can be faked.

DON’T REPLY to text messages that request private or financial information from you.

If a text message is urging you to act or respond quickly, stop and think about it. Remember that criminals use this as a tactic to get you to do what they want.

Never reply to a suspicious text message without verifying the source. If your credit card has really been compromised, you should call the number on the back of your card to discuss this matter with your bank.

Never call a phone number contained in a message from an unknown sender.

If you are using an Android device, you should consider adding security software to your mobile. Smartphones are essentially small computers loaded with gigabytes of sensitive information that criminals want. You should protect your mobile phone the same way you protect your PC to avoid malware and phishing attacks.

Where possible, check a link in a message by tapping and holding it on your smartphone, so that you can see where it actually points.

Note: It is important to recognize the distinction between Telemarketing and SMiShing. Whilst telemarketers can be annoying, they are generally not being malicious. By registering your number on the Do Not Call Register you will virtually eliminate any calls that are not scams, because most legitimate telemarketers obey the rules and laws around contacting customers.

SMiShing is likely to become more prominent in the coming years. Mobile phone users need to exercise a healthy dose of suspicion with every message they receive.
