You can’t order at the bar, sit down and we’ll bring drinks, ”said the hostess of a Cornish pub I visited in the midst of the Covid crisis.
I was told to use my cell phone to scan the barcode stuck to the table. This will allow me to read the menu online.
But first I needed to add to my smartphone something called a QR reader. I did it in a hurry, got my drinks and haven’t thought about it since.
So far so good. Earlier this month, a fraud expert told me that a fraudulent QR reader was found in a Google Play store where mobile apps are available.
Virus threat: victims lose 84 million pounds due to so-called fraud with payments for six months to June 30, 2021, according to the trade body UK Finance
The app has been infected with malware designed to hack into your mobile banking program and steal your passwords.
It was discovered by cybersecurity company ThreatFabric and had already been installed by more than 10,000 users before it was removed.
Luckily, this is not the app I downloaded. But it could easily have been, and I wouldn’t have been wiser until my bank account was rammed.
This is the latest in a long line of insidious tactics used by perfect scammers to steal our money.
In fact, three more mobile malware has been detected and removed from Google Play this year, one of which was a fitness app.
In total, they were downloaded by more than 80,000 mobile phone users.
And the worst thing is that when they were removed from the app store, users were not notified that their personal information was at serious risk.
Fraudsters create or buy programs designed for popular everyday purposes, such as fitness tracking, battery boosting, barcode reading, or games.
They then infect them with a virus that invades every part of your phone.
This allows scammers to read your text messages, see your bank balances and keep track of your personal information.
If you need to pay a bill or transfer money, malware can redirect your money by changing the recipient’s account details.
And this vicious software runs in the background without your knowledge.
Victims can also sell their data to other fraudsters, who can then target them over the phone – for example, posing as a bank or tax.
Khan Shahin, founder and CEO of ThreatFabric, a firm that develops ways to anticipate scammers, says: “Fraudsters adapt their attacks to take advantage of the way we live and what we do. That’s why they’re so successful.
“They know what type of apps to simulate by looking at the number of downloads in them, showing what’s popular with the public. It’s a well-thought-out plan. “
But now the banks are fighting back. And with new futuristic technology, they can determine if you are being attacked by scammers before stealing a penny.
Approved: The QR Play fraudulent app that hit the Google Play Store was installed by more than 10,000 users before it was removed
Experts believe that it is a breakthrough to end the game of cat and mouse, which is played by fraudsters.
“We are in the middle of an epidemic of fraud, and the UK is one of the most targeted countries,” said Mr Sahin, whose company works with several major banks. “We see two trends. There has been an increase in digital banking – an increase in the rate at which banks register new customers, and fast high-value remittances with fewer security disruptions.
“On the other hand, you have a growing number of different scams, such as voice-fraud and malware attacks.”
According to UK Finance, six months before June 2021, fraudsters posing as trusted organizations such as the bank or the police lost £ 84 million.
This is a kind of so-called payment fraud.
They are often told to transfer cash to a “safe” account because they are being attacked by fraudsters. Another £ 108.9 million was lost as a result of fraud with internet banking. Meanwhile, £ 17 million was stolen through mobile banking apps after fraudsters infected the victims ’computers and phones with malware.
To protect customers, Mr Shahin says banks need to use several types of technology to catch fraudsters.
Of the £ 108.9 million stolen through internet banking fraud, only £ 17.7 million has been recovered.
Some large banks are now responding by creating unique digital profiles for their customers. This may include how you use a computer mouse, type on a keyboard, or how you swipe and enter details on your phone.
Fishing: Scammers create or buy programs designed for popular everyday purposes, such as tracking fitness, increasing battery life, reading barcodes or playing games
That sounds very “Big Brother”. But the theory is that if you get a call from a scammer urging you to transfer money, the software will detect unusual keystrokes or mouse clicks, indicating that you are acting under pressure. “You type slower and hesitate when someone teaches you, and you type and spend different times over the phone,” explains Mr. Shahin.
Logging in to an online bank when you talk on the phone with a running mobile banking app is also marked as a sign of unusual behavior.
The software notifies the bank of the high risk that you have been attacked. If the bank agrees, your transaction is frozen, which spills cold water on the scammer’s plan.
There are also sensors that can detect malware or software that you have innocently downloaded to your phone or computer as soon as you log in to your account.
And any nasty bugs trying to steal your account can be stopped.
Slowly banks are realizing that they need to have a few tools to catch scammers. The malware detector itself will not detect the victim’s inattentive behavior, and the digital profiles will not help detect malicious software on your phone. Banks need both.
“The world of fraud has always been reactive,” Mr Sahin says. “A scam happens, and then banks and cybersecurity companies rush at it.
But I believe we no longer need to play this cat-and-mouse game. We can anticipate threats and actively stop attacks so that customers of banking services no longer have to worry about fraud.
To minimize the risk of fraud with malware, always make sure that at least 400,000 users have downloaded and viewed the new application before installing it on their phone.
This is not a reliable scan, but it is a good guide for well-proven applications that have been tested and installed on enough devices to detect them by anti-virus software.
Some of the links in this article may be affiliate. If you click on them, we can earn a small commission. It helps us fund This Is Money and keep them free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.