What is a banking trojan?
A banking trojan is a program that tries to obtain confidential information about users and clients using banking and payment systems. The trojan often intercept OTPs from banks to make a payment without the victim noticing.
What is Ginp?
Ginp is a banking trojan and when it was first spotted, it used to send the victim’s contacts to its creators, stole card data and intercepted text messages. Now, it has started sending users messages and push notifications to get the user to open banking apps. The notifications are designed in a way that the user expects to see a form for entering card details.
It then overlays the app with a phishing window to steal user data. For this, it uses the phone’s accessibility functions that allows it to see the screen and tap buttons or links.
As per the $4, in one such instance, a user was sent a notification from the Play Store. The notification said – “We are missing your credit or debit card details. Please use the Play Store app to add them securely.”
When the user clicked on the notification, a form to enter the card details was shown to him. However, this form was not sent by Google Play and any information entered here would directly go to the malware creators.
Similarly, fake SMSes from banks are also being sent to users, warning them that suspicious activity has been detected on their accounts. The trojan is able to create fake SMS with any text from any sender.
How to protect yourself from banking trojans?
- Do not click on links in text messages if the message seems suspicious to you.
- Download apps only from the Play Store and do not install apps from unknown sources.
- Do not give accessibility permission to any app that does not require it.
- Be careful while giving apps the permission to access SMS.
- Do not click on suspicious push notifications.
$4
$4
New malware on the rampage might target Jio users — and uninstalling it won’t help>$4