Security researchers have identified a new phishing technique that uses progressive web applications (PWAs) to target customers of banks in Eastern Europe.
This content was selected, created and edited by the Finextra editorial team based on its relevance and interest to our community.
PWAs are essentially websites that resemble applications that can be installed without informing the user that they are third-party apps.
Researchers at ESET say fraudsters are targeting iOS and Android users with PWAs masquerading as banking apps.
The phishers use automated voice calls, SMS messages, and social media malvertising to trick iOS into instructing victims to add a PWA to their home screens, while on Android, the PWA installs after confirming custom pop-ups in the browser.
“At this point, these phishing apps on both operating systems are largely indistinguishable from the real banking apps they imitate,” says one ESET blog.
According to ESET, most of the identified phishing apps targeted customers of Czech banks, but one was against a Hungarian bank and another against a Georgian bank.
Additionally, there appear to be two different groups responsible for the apps. ESET warns: “We expect more copycat apps to be created and distributed because once installed, it is difficult to separate the legitimate apps from the phishing apps.”
Asset manager Northern Trust has launched a blockchain-based platform that gives institutional buyers digital access…
US-based social investing platform eToro has agreed to pay $1.5 million and halt trading in…
Mastercard has closed a deal to buy threat intelligence specialist Recorded Future from private equity…
As the national independent authority in Ireland, the Data Protection Commission (DPC) is responsible for…
The Swiss branch of Spanish bank BBVA is expanding its cryptocurrency custody and trading services…
The Church of England has completed a three-year project to introduce contactless giving devices to…
This website uses cookies.