Fraud Alert Fraud Alert: Beware of Fake Apps and Mobile Malware We’d like to alert you to a new and emerging fraud modus operandi (MO) where fraudsters trick you into downloading malicious apps that compromise your mobile devices and banking credentials. How the Scam works You will receive a message offering discounts on flights or other deals. These messages are often shared through social media platforms such as Facebook, Instagram, X (formerly Twitter), or sent via SMS or email. The message includes a link to download an app to “find out more” on this great offering. You will then be requested to download an app, thinking the offer is legitimate and you will save money through this platform. During registration, the app requests biometric enrolment (e.g., banking credentials, fingerprint or facial recognition). After enrolling, your device will behave abnormally i.e. apps may crash or fail to load, the device becomes slow or unresponsive, and overall performance deteriorates. The fraudsters use the biometric data or your banking credentials to perform a man-in-the-middle attack, gaining access to your banking app and initiating fraudulent transactions. What to look out for Always confirm any email requests to change banking details or instructions by contacting the sender using known contact details you have on record. Do not reply to the email or use the contact details included in the email. Verify the bank account details using the account verification service (AVS) available to you before making any payments. Always examine the email address and header information to ensure that an email is from a legitimate contact. How to protect yourself Only download apps from trusted sources like the Apple App Store, Google Play Store, or Huawei AppGallery. Never download apps from links shared via SMS, WhatsApp, or social media unless verified by your IT or security team. Install antivirus software on your mobile device and keep it updated. Avoid enrolling biometrics into unknown or unverified apps. Report suspicious messages or apps to your fraud or IT security team immediately. Remember Fraudsters are constantly evolving their tactics. Staying alert and informed is your best defense. If something feels off, trust your instincts and report it. Let’s stay vigilant. Where to report Report Fraud or Suspicious Activity through the following channels: CIB Fraud Line on 0860 500 703 / 010 211 3117 or Email: Cibfraud@absa.africa. https://cib.absa.africa/wp-content/uploads/2020/07/file_example_MP3_700KB.mp3 Related Articles FRAUD Spyware Spyware involves the use of malicious software to covertly infiltrate computers or networks with the intent of collecting sensitive information. The information collected can then be used by fraudsters to commit fraud, including unauthorised access to bank accounts, theft of corporate data, and manipulation of financial transactions. Read more FRAUD Keylogger Keyloggers are programs that record everything you type, including passwords, emails, and credit card numbers. Installed via Trojans or malicious downloads. Read more FRAUD Trojan Horse Tjojan Horse (Trojan) is a type of malware disguised as a legitimate program or file. Once downloaded and opened, it creates a backdoor for attackers to steal data, control your device, or spy on your activity — all without your knowledge. Read more
