Zimperium's Mobile Security Blog

Top Three Mobile Phishing Lures: #2) Malicious Apps

Top Three Mobile Phishing Lures: #2) Malicious Apps

People are slowly learning to be careful about providing their credentials when prompted by an email or phone call, but hackers are getting more creative and tricking users into giving their credentials when users think they’re just signing into their mobile app. 

For example, BankBot is Android-targeting malware using fake overlay screens to mimic existing banking apps to fool users and steal credentials. BankBot even uses advanced Two-Factor Authentication in order to mislead users.

We hosted a webinar on Wednesday, October 16th, where we discussed:

  • How mobile devices making phishing attacks even more effective;
  • Why enterprise anti-phishing solutions cannot combat app-based phishing attacks; and
  • How hackers can leverage a compromised device to access corporate networks, deliver ransomware and spear-phishing other employees.

The webinar can now be viewed on-demand.