Android malware uses NFC for bank theft: How to protect yourself

Fraudsters are inventive when it comes to cheating people out of their money. We’ll show you which scams are currently in circulation.

Criminals are constantly trying to get sensitive account and credit card data as well as personal information from consumers. They primarily use digital channels to do this. Find out what tricks they use here.

A new Android malware uses NFC technology to empty bank accounts. The security company ESET has uncovered this threat in the Czech Republic. For several months, attackers used the software called “NGate” to steal money from other people’s accounts. One suspect is already in custody.

The attack was multi-stage: First, affected individuals received SMS messages promising a tax credit and asking them to install an app. This app collected bank details and passed them on to the perpetrators. Then a supposed bank employee called to tell the victims that they had been hacked and should install another app – the actual malware.

This second app asked users to hold their bank card to their smartphone to read the PIN and card details. This information was then sent to the attackers, who used it to make cash withdrawals and increase withdrawal limits.

ESET warns against installing unknown apps and recommends only activating NFC when necessary. Investigations into the exact extent of the damage are underway in the Czech Republic.

Plastic bags that supposedly contain Bitcoins are increasingly appearing in Munich and the surrounding area. The Bavarian State Criminal Police Office (LKA) is warning of a new scam in which criminals are handing out fake Bitcoin paper wallets on the street along with payment receipts for over 10,000 euros.

Anyone who scans the QR code on these documents ends up on a fake website. There, fraudsters try to steal personal data and pay out the supposed money in return for a processing fee of around three percent of the alleged amount. However, this payment never takes place – instead, only an error message appears.

The police advise anyone who finds the plastic bags to hand them in to the nearest police station. Citizens are also asked to be particularly vigilant and not to give out any personal information.

Because QR codes do not allow users to immediately see what information the digital images contain, they are increasingly being misused by criminals. The North Rhine-Westphalia Consumer Advice Center warns against this. The scam is called quishing. The term is derived from the words “QR code” and “phishing”.

What is particularly insidious about the scam is “that not all smartphones display what is in the QR code before carrying out the corresponding action”. That is why cell phone users should install an app that displays the link first, it says.

The Lower Saxony State Office of Criminal Investigation is also warning of fraud involving QR codes. Officials report that fraudsters are currently sending fake letters from German banks containing such codes.

Anyone who scans one of these codes and follows the link contained therein will land on a fake banking page and be asked to enter sensitive data. The criminals’ goal is to gain access to the online banking of the letter recipients. The hook in the letters is, according to the information, the claim that the identity of the customers must be verified due to EU regulations.

The consumer advice center is warning of new scams in the form of phishing emails to Sparkasse customers. In the emails with the subject “Security message,” the fraudsters claim to have contacted the customer several times because of a supposedly invalid device registration. The recipients are asked to immediately correct their registration data via a link in the email – otherwise they face a fine of 5,200 euros.

It is not easy to recognize at first glance that this is a scam. According to the consumer advice center, the sender address cannot always be clearly identified as a phishing attempt. However, the unprofessional wording, the impersonal greeting and links within the email are typical.

Customers of ING and Targobank should also be careful in their email inboxes. Under the pretext of “Important information about account security” or similar subject lines, recipients are asked to update their contact details. The fraudsters even claim that this will protect them from criminal activities. These perfidious tricks are used to try to obtain personal data.