CREDO Mobile Blog

CREDO Mobile Blog

Leave a Comment

Posted on February 15, 2024

Mobile banking Trojans are built to hack your bank account and steal your money

by The CREDO Team

If you have a bank account, you probably use your phone to access it. Most people now do at least some of their banking on their phone and almost half of consumers do the majority of their banking on their mobile.

It’s quick and convenient. But it can be risky, because bank accounts are a rich target for hackers, who every year develop more—and more effective—ways to get at your money by infiltrating your phone and stealing your banking credentials. Almost 200,000 new mobile banking Trojans were identified at official and unofficial app stores in 2022, double the number in 2021.

“This drastic increase signifies that cybercriminals are targeting mobile users and are increasingly more interested in stealing financial data,” said Kaspersky Lab in its “Mobile Threats in 2022” report.

A lot of money is at stake. For instance, in early 2022, a malware campaign called Dark Herring targeted more than 100 million people around the world and stole hundreds of millions of dollars from them.

Trojans are built to deceive

A Trojan (named after the legendary Greek horse) is a malicious app that looks legitimate but does a lot of damage if installed on your phone. A banking Trojan is designed to steal money from your bank account. It fools users because it’s disguised as some other type of app, like a game, retail app or antivirus tool. If downloaded, it will ask for permission to access various phone functions, as normal apps do, and once permissions are granted and the Trojan is installed, it will enable hackers to remotely access your phone, get ahold of vital data like your mobile banking login and steal your money.

Cybercriminals spread their mobile banking Trojans at both unofficial and official app stores. Official stores have security measures in place to prevent Trojans from being uploaded but they’re not 100% effective. And when a mobile banking Trojan does successfully reach an official store, it may be downloaded by hundreds of thousands of unsuspecting users before it’s discovered and deleted.

Trojans are also disseminated via ads on social media and at third-party websites. There’s a Trojan called SpyNote in circulation now that is sent to users in a text message. Once installed, it can record your phone calls, record video, track your every tap and keystroke, and easily steal your banking username and password. It’s so hard to uninstall, users have to do a factory reset to get rid of it.

Trojans are often sent by email or social media message. These usually urge quick action, with a prompt along the lines of “Immediate response required.” They may claim that a delivery of yours has been delayed or canceled and include a link where you can learn more. Click the link and your device will be infected.

Banks and tech companies, of course, are constantly improving their defenses against mobile banking Trojans. But as fast as they move, hackers move just as quickly. This means you can’t ever be 100% protected against mobile banking Trojans but you can take commonsense precautions to keep your phone and your bank account safe from hackers.

Download apps only from official app stores

You should never download any app from a third-party app store, ever. If you want an app for your phone, get it only from the Google Play Store or the Apple App Store. It does happen that malicious apps sneak onto these official stores but it’s rare. To be as secure as possible, download your mobile banking app only from your bank’s website.

Review permissions requested by apps

When you install a new app, it will ask you to grant permissions so it can access various functions on your phone. A mobile banking app might request access to your location, camera, text messages and microphone.

The majority of the time, these requests are legitimate. The app needs them to do what it does. For example, it needs access to your camera so you can upload check images and it needs access to your text messages so it can send you one-time security codes.

But some of the permissions requested by apps are not reasonable. You can manage all the permissions granted to your apps and cancel any that seem odd or invasive. Here’s how.

Android

Open Settings and tap Apps. Tap the app you want to check on, then tap Permissions. Here you’ll see all the permissions granted to the app and you can change permissions by tapping Allow or Don’t allow.

iOS

Open Settings and tap Privacy & Security. You’ll see a list of phone features—Location Services, Contacts, Calendars and more. Tap the feature you want to check on and you’ll see a screen that shows all the apps that are accessing that feature. You can turn off permissions for specific apps.

Update your banking app regularly

App updates usually include patches for security holes and fixes for bugs, so keeping your banking app up to date will keep you more secure.

Consider a switch to CREDO Mobile

At CREDO Mobile, we care about your right to privacy. In fact, we care about all your rights—like your right to be whoever you want to be, your right to make your own health decisions and your right to a future not set on fire by fossil fuel companies.

That’s why we’ve donated over $95 million to nonprofit groups working for progressive causes like LGBTQ equality, reproductive choice and climate justice. These donations cost our customers nothing extra—but they mean everything to the nonprofits that rely on us.

Switch to CREDO Mobile and you’ll get the good feeling that comes with knowing you support the causes important to you, simply by using your phone. You’ll also get all you want from a phone company: competitive rates, great deals on new devices and nationwide coverage on the top-rated, most reliable network.

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on Twitter (Opens in new window)

Category: CREDO Tips Tags: Android, Android device, Apple App Store, Google Play Store, iOS, iOS device, keep your phone and bank account safe, mobile banking, review permissions

← Funding from CREDO Mobile helps the National LGBTQ Task Force fight for the rights of LGBTQ+ people
New Year’s Resolutions Survey Results →
About CREDO
Most companies go into business to make money. Thirty-five years ago, we went into business to make change, offering services like mobile and energy to make it easy for you to make a difference. That’s why, since day one, we’ve donated a portion of our revenue to progressive causes — over $94 million since our founding in 1985.
Recent Posts
  • Donations Spotlight: How Brady: United Against Gun Violence fights to make a difference
  • Brady: United Against Gun Violence, Free Press Action and Rainforest Action Network are the 3 nonprofits CREDO Mobile is supporting this May.
  • Donations spotlight: Support Rainforest Action Network in its fight against forest destroyers
  • 10 ways to live more sustainably and help save our planet
  • CREDO Mobile Customers Supported Nine Projects in Schools with DonorsChoose
Categories
  • CREDO Donations
  • CREDO Tips
  • Guest Posts
  • Other
  • Press Release
  • Products
  • Survey Results
  • Victory
  • Who we are
CREDO Links
  • CREDO Mobile
  • CREDO Energy
  • CREDO Donations
  • Facebook
  • Twitter
  • Instagram
  • YouTube
  • Pinterest
Archives
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • July 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013

CREDO Mobile · Terms of Use

Copyright © 2025 · All Rights Reserved · CREDO Mobile Blog