How cybercriminals are using bogus login pages to steal your banking information
Russian cybercriminals have taken aim at the nation’s major banks with a sophisticated new malware campaign, with Australians specifically in their sights.
Unsuspecting victims are being swindled with bogus login pages on their banking apps, which appear authentic even to technologically savvy eyes.
Before we explain how it works, let’s see if you can pick the scam.
If you punched your details into any one of these bogus login pages, your bank details would’ve been sent directly to scammers.
This is a relatively new piece of malware called Octo, the latest offering from cybercriminals, and it can be privately purchased on the dark web.
Its creator is a shady figure (or figures) who call themselves the Architect or “goodluck”.
The malware is powerful — it can record your calls, harvest your contacts, evade antivirus, bypass multi-factor authentication, log what you type and send you text messages.
It can also perform what’s known as overlay attacks, which is what happens when hackers superimpose a fake login page over an authentic app, like the ones above, to trick you into giving up your credentials.
Exclusive new data obtained by the ABC has uncovered what appears to be the first major distribution campaign of the malware, with Australians identified as specific targets.
Many of the nation’s major banks are caught up in the scam, including:
- ANZ
- Bank Australia
- Bank of Melbourne
- BankSA
- BankWest
- Beyond Bank
- Bendigo Bank
- Commbank
- Greater Bank
- HSBC
- myRAMS
- NAB
- St George
- Westpac
- UBank
Hundreds of Australians have been lured into downloading the vicious malware onto their devices within days of it appearing in the wild.
It comes as consumer advocates warn that Australians are being targeted because the nation is seen as a soft target.
Octo targets Android phones — think brands like Samsung, Google, HTC — and can be hidden in what look like legitimate apps on the Google Play store, which is trusted by most users because it’s run by one of the biggest tech companies in the world.
It can also be downloaded and installed independently of the Google Play store, because of the way software on Android phones works.