A few years back, a friend in the banking business told me that while the vault in his brick-and-mortar building was safe from attack, the real threat wasn’t muscle-bound men wearing body armor and brandishing weapons, but rather some lazy geek sitting in his underwear in the basement of his home staring at a computer screen.

According to the Wall Street Journal, my friend is correct.

Cybersecurity experts told the WSJ there is an uptick in breaches of individual bank accounts thanks to a new round of malware that specifically targets smartphones.

Malware programs with names like Acecard and GM Bot are now the darlings of the criminal underground. And it’s little wonder why — the use of mobile banking apps is up 10 percent from 2011. The Federal Reserve reports over 50 percent of smartphone users have used them to access their bank accounts in the last 12 months.

So the criminals naturally migrate to where the money is. ATM skimmer scams and credit card breaches are so last year, apparently!

The new types of smartphone-specific malware are built to steal your log-in credentials and they target both Android and iOS. Just days ago, Apple had to put out word to its customer base that a new patch was available for three recently discovered iOS exploits.

How does the malware get on your phone?

Malware programs like Acecard and GM Bot can show up on your phone if you click a virus-laden text message from an unknown party or if you accidently hit a “scammy” ad on a website.

So, what does the malware do once it secretly loads itself on your smartphone? Experts say it just hangs out…. waiting until you access any financial apps. When you do, it comes alive and creates a virtual copy of the authentic banking app to trick you into thinking you’re at the right place to log on. You enter your info and bam…it’s captured by the criminals.

Cybersecurity experts told the WSJ of nine ways that smartphone owners can protect their valuable banking information.

1. Always make sure you install the latest software updates from your operating system. These often include security and protection updates to help protect your device.

2. When it comes to downloading mobile banking apps, be sure you only install your bank, credit union or brokerage firm’s official apps that you find at their websites.

3. Make sure you install malware protection and make sure that it is updated. Clark’s Virus, Spyware and Malware Protection Guide is a great way to find free and effective options.

4. Beware of public Wi-Fi. You should never do any financial transactions on free public Wi-Fi. Period!

5. Don’t fool with your operating system. People sometimes mess around with their OS in trying to download apps that aren’t sanctioned. Don’t do it!

6. Don’t click on strange texts. Android users got a real scare last year when a report emerged that they could be hacked by text message.

7. Disable auto-fetching of MMS for any messaging apps you use. Outlook.com has a step-by-step guide with screenshots for Hangouts and Messenger, among others.

8. Use authentication features such as fingerprint identification. Make sure any password you use is unique to your mobile banking experience. Create safer passwords!

9. Go through your bank statement line-by-line. Report any suspicious charges immediately.

I don’t know about you, but I work hard for the money my boss pays me every two weeks. After looking at all the taxes deducted to help others afford food, shelter, insurance and gaudy rims and tires, I definitely would like to steer clear of another moocher of my money.

 

Cal Bryant is the Editor of Roanoke-Chowan Publications. Contact him at cal.bryant@r-cnews.com or 252-332-7207.