PhishLabs has observed a number of malicious mobile applications targeting users of popular payment card companies and online payment sites.
These applications claim to afford the user access to their accounts directly from their mobile device; however, their only functionality is the capability to collect credentials and personal information and deliver that stolen information to the attacker.
PhishLabs observed multiple applications with similar naming conventions targeting different companies being published to the Play Store on the same day.
Applications created earlier in 2016 typically included a reference to the targeted online payment site or payment card company in the domain name.
11 mobile applications so far in 2016 targeting customers of popular payment card companies and online payment sites. In each instance, these applications were published to Google Play.
The functionality behind these applications is simple, but the results are elegant. The applications display a phishing site which has been optimized for viewing on mobile devices, creating a fluid and authentic login experience. That is, until the user’s login credentials fail to provide them access to their account.
How to be safe when installing a App from Google Play?
- avoid installing applications from third-party stores
- If you are unsure of the legitimacy of an application on the Google Play Store or any other official app store, make sure that the provider offers a legitimate mobile application by checking their official website or contacting them directly.
- Do not utilize unsolicited mobile application download links provided via email or SMS.
