+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A malware is sending fake SMS to steal your banking details – Here’s how to protect yourself

Feb 18, 2020, 14:15 IST
Business Insider India
Pixabay
Cybersecurity firm Kaspersky has detected a new version of the Ginp banking Trojan, and it is more powerful than it was before. The malware was first detected in October last year and now, a new version has been spotted.
Advertisement

What is a banking trojan?

A banking trojan is a program that tries to obtain confidential information about users and clients using banking and payment systems. The trojan often intercept OTPs from banks to make a payment without the victim noticing.

What is Ginp?

Ginp is a banking trojan and when it was first spotted, it used to send the victim’s contacts to its creators, stole card data and intercepted text messages. Now, it has started sending users messages and push notifications to get the user to open banking apps. The notifications are designed in a way that the user expects to see a form for entering card details.

It then overlays the app with a phishing window to steal user data. For this, it uses the phone’s accessibility functions that allows it to see the screen and tap buttons or links.

Advertisement

As per the report, in one such instance, a user was sent a notification from the Play Store. The notification said – “We are missing your credit or debit card details. Please use the Play Store app to add them securely.”

When the user clicked on the notification, a form to enter the card details was shown to him. However, this form was not sent by Google Play and any information entered here would directly go to the malware creators.

Similarly, fake SMSes from banks are also being sent to users, warning them that suspicious activity has been detected on their accounts. The trojan is able to create fake SMS with any text from any sender.

How to protect yourself from banking trojans?

  • Do not click on links in text messages if the message seems suspicious to you.
  • Download apps only from the Play Store and do not install apps from unknown sources.
  • Do not give accessibility permission to any app that does not require it.
  • Be careful while giving apps the permission to access SMS.
  • Do not click on suspicious push notifications.
See also:

New Android flaw Bluefrag exploits your phone's Bluetooth to send malware

Scammers are now using WhatsApp to steal money - here’s how you can protect yourself

New malware on the rampage might target Jio users — and uninstalling it won’t help
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article