Singaporean smartphone users lose thousands of dollars to mobile banking hackers

By Liu Hongzuo - on 4 Dec 2015, 10:51am

A screenshot provided by the Association of Banks in Singapore showing one of the ways in which mobile banking users were prompted to update their software. People who clicked on the link were asked to enter their credit card details to complete the software upgrade. Image credit: The Straits Times, Association of Banks in Singapore.

The Association of Banks in Singapore (ABS) issued a warning against malicious software targeting Android smartphones. Some 50 mobile customers of major retail banks here reported losses of up to "several thousand dollars" after clicking on a dubious link, prompting ABS to issue the warning. The software comes hidden in a pop-up window that prompts users to update their software.

"ABS would like to remind mobile banking customers that smartphones are as susceptible to malware as desktop computers or laptops," said Mrs Ong-Ang Ai Boon, director of ABS. "Now, criminals have turned to targeting Android phone users... as banks are pushing out more banking apps for user convenience."

False software update

The dubious pop-up window is believed to appear after smartphone users visited websites infected with malware. It prompts unsuspecting users to click on an embedded link to update their WhatsApp messaging software or battery management module. People who clicked on the link were asked to enter their credit card details to complete the software upgrade.

Users who did so would be greeted with the Android green robot logo with the message: "System update in progress." It is at this point that cyber criminals take control of the phone, using the credit card details entered and one-time passwords received via SMS for making fraudulent online transactions. Some of these transactions appear to originate in Eastern Europe, according to Mrs Ong-Ang. Items purchased include airline tickets.

Fraudulent online transactions in Singapore have risen sharply over the past three years - from 238 reported cases in 2012 to 510 cases in 2013, and 1,659 cases last year. Consumers are also advised to report any suspicious activities to their banks so that transactions on compromised credit cards can be blocked. Some of the victims have made a police report. Bank refunds may be made on a case-by-case basis, but customers must prove that they took steps to protect their banking credentials. As a precaution, consumers should not use their infected phones for mobile banking. Users may need to restore their phones to factory settings to remove the malware.


Users should also refrain from downloading apps through dubious sources as malware can hide in these apps, said Mr Lim Chin Keng, the Asia-Pacific director of security solutions at security specialist F5 Networks. "The malware is able to detect banking activities, for instance, and launch a fake website to trick users into entering their banking credentials," he said.

Spotting fraudulent apps and false notifications is possible with due vigilance. According to Norton’s Community site, unsolicited texts or notifications can be double-checked by accessing the services via the usual log-in methods, and not with the links provided in the suspicious message. Apps in Google Play can be verified for authenticity by looking up user reviews, and searching for the app developer’s name or company online. Security or software update notifications can be cross-checked by searching for news or information online – you can find out if the update is genuine, and the correct way to update your smartphone.

Singapore is not the only country susceptible to fraudulent mobile malware. Trend Micro published a detailed white paper about the Yanbian Gang, showing how a cybercriminal group based in Jilin, China, managed to victimize approximately 4,000 South Koreans in 2013 and 2014. The cybercriminal group released false apps impersonating those of five major South Korean banks. By Trend Micro's account, the spoofed apps cause the phone to run background services so that the malicious app takes the place of the correct app, even when the correct app is launched. The false app, now open, will then log the user's input and send the information to the cybercriminals' database.

Dos and don'ts

  • Do not download apps from random websites as the apps may be infected with malware.
  • Do not jailbreak or remove the software restrictions of your phone’s operating system as it makes your phone more susceptible to malware.
  • Avoid using unsecured Wi-Fi connections for sensitive transactions as cyber criminals are known to snoop around on these networks.
  • Update the operating system of your device regularly as these updates contain bug fixes and new features that better secure the phone.
  • Secure your smartphone with a password to prevent unauthorized use.

Source: The Straits Times
