Fraudsters have lured users to download and use fake banking applications to steal their personal and sensitive data.
The fake apps available on the Google Play store promises customers some of the interesting rewards like cash back on purchases, free mobile data or interest free loans.
Global IT security company Sophos Labs was the first to raise a red alarm againt the apps on Oct. 22. The primary targets are the seven Indian banks which includes State Bank of India, ICICI Bank, Indian Overseas Bank, Axis Bank, Bank of Baroda, Yes Bank, and Citibank.
“Deceptive malware may have stolen thousands of Indian sub-continent bank customers account data or credit card numbers,” Pankaj Kohli a security researcher at SophosLabs, said in the report.
The graphic design of the fake apps were so close copy of the real banking apps that it is difficult to make difference between the two.
“Some are blatant copies of real apps, while a few are much more dangerous as they seed malware and steal data from user accounts. Users should always use antivirus software, which provides malware protection and internet security to keep users protected and stop these fake apps from stealing data,” said the report.
It is expected that as many as 160,000 have downloaded these fake apps, and lost their data.
“To avoid falling prey to such malicious apps, Android users should verify the developer publishing the app. Users should pay close attention to the user rating and read user reviews before installing such apps, even when downloading apps from trusted app marketplaces,” recommends Kohli.