In times of pandemic, banking transactions, through bank applications and websites, have increased exponentially. However, this has also seen an increase in cyber theft.
In this sense, you should be aware of the existence of banking malware that is often used by cybercriminals and is designed to steal banking credentials and passwords. For this reason, we spoke with the Computer Security specialist at ESET Latin America, Martina López, who explained how it operates, what types of data it can steal and what to do to avoid being a victim of banking malware.
What are the most common types of banking malware?
Banking malware usually has a well-defined structure. Those that pose as common applications in official download stores stand out, infect devices at the moment in which the user downloads this fake program, and trick the subsequent victim into handing over their credentials in pop-up windows. fraudulent.
YOU CAN SEE: Laptop: we teach you how to close the lid without turning off the monitor Armavaldo, directed to the countries of Brazil and Mexico, mainly; Grandoreiro, a threat distributed in South America that later spread to Europe, among others.
What kind of users are the most attacked by banking malware?
Unlike so many other threats out there, banking malware is not usually targeted at a particular group of people. What does happen is that the easiest population to infect is the one with little technological knowledge, such as the elderly. It is then where the bulk of the victims take place.
What kind of data can financial malware steal?
YOU CAN SEE: BRATA: alert for dangerous malware that steals your money and then formats your cell phone How to avoid banking malware?
Some tips that we can follow to avoid being a victim of this type of attack are:
Use strong passwords, do not repeat them between different platforms and activate the double authentication factor whenever possible. Implement a comprehensive security solution. It must proactively detect malware, filter unsolicited messages, review phone settings and offer the possibility of remotely erasing all stored information in case of theft or loss. Install applications from repositories or official stores. Update the operating system and the Applications. As with computers, updating both the operating system and the programs is necessary to obtain security improvements and new features. Check that the links you visit belong to the official organization. In addition, it checks if the connection is encrypted through HTTPS –which can usually be seen as a green padlock where the URL is located– and that the certificate is signed by a trusted entity. In turn, be careful with email messages, chats or social networks that include links or files. When in doubt, it is preferable not to enter or download the content that is so insistently requested. YOU CAN SEE: Peru is the Latin American country with the most cryptominers and phishing attacks. What can I do when I detect that my phone has been infected by banking malware?
In most cases, if a device has been infected with malware, resetting it to its factory mode (“hard reset”) causes the phone to roll back and the threat is no longer present.
Another way to remove malware inside your device is to start the phone in safe mode, go to the applications section and remove those applications that we consider suspicious. Next, it is important to run a deep clean of the device with a trusted security solution.