A set of fake banking apps found its way onto the Google Play store, according to an internet security product provider, and many people appear to have downloaded them before they were taken down.
Eset, based in Slovakia, with an office in Cape Town, says the malicious apps claim to increase the credit card limit for users of three Indian banks, and then phish for credit card and internet banking details using bogus forms.
The fake apps were uploaded to Google Play in June and July this year. When Eset notified Google they were taken down, but by then they had been installed by hundreds of people. The apps were uploaded under three different developer names, each impersonating a different Indian bank. However, all three apps can be traced back to a single source.
All three apps follow the same procedure. On launch, a form requesting credit card details is displayed. If users fill out the form and hit “Submit”, they are taken to a form asking for their internet banking login credentials. Clicking through both forms – with or without filling them in – leads users to the third and final screen, which thanks users for their interest. The app offers no further functionality beyond this point.
Meanwhile, the data entered into the bogus forms is sent in plain text to the phisher’s server. The data is accessible to anyone with the link, without requiring authentication. “For the victims, this amplifies the potential damage, since their data is available to anyone who comes across it,” Eset says.