FBI warns hackers are targeting mobile banking apps

The FBI on Wednesday warned that malicious cyber actors are targeting mobile banking apps in an attempt to steal money as more Americans have moved to online banking during the coronavirus pandemic.

In a public service announcement, the FBI noted it expects to see hackers “exploit” mobile banking platforms, which have seen a 50 percent surge in use since the beginning of the pandemic.

“With city, state, and local governments urging or mandating social distancing, Americans have become more willing to use mobile banking as an alternative to physically visiting branch locations,” the agency wrote. “The FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of techniques, including app-based banking trojans and fake banking apps.”

The FBI specifically pointed to the threat of banking trojans, which involve a malicious virus hiding on a user’s mobile device until a legitimate banking app is downloaded. Once the real app is on the device, the banking trojan then overlays the app, tricking the user into clicking on it and inputting their banking login credentials.

Fake banking apps were also cited as a threat, with users in danger of being tricked into downloading malicious apps that also steal sensitive banking information.

In order to combat these threats, the FBI recommended that Americans only download banking apps from official app stores or from banking websites, and that banking app users enable two-factor authentication on their accounts and use strong passwords.

“If you encounter an app that appears suspicious, exercise caution and contact that financial institution,” the FBI emphasized. “Major financial institutions may ask for a banking PIN number, but will never ask for your username and password over the phone.”