The notorious Xenomorph Android malware, which previously targeted 56 European banks in 2022, has resurfaced with renewed vigor, now focusing its attacks on US banks, financial institutions, and cryptocurrency wallets.
ThreatFabric, a company specializing in cybersecurity and fraud detection, has identified this Android malware variant as one of the most sophisticated and perilous they have encountered.
The primary method of spreading this malware involves disguising it as an update for either Chrome or Google Play Store. Once a user clicks on the update, the malware is installed and begins automating the process of accessing online accounts and transferring funds without the user’s knowledge or consent.
In addition to staying vigilant about this scam, it is important to inform your spouse, partner, and family members about it. Moreover, there are a few methods you should be aware of to protect yourself:
- Refrain from opening or clicking on any suspicious links or attachments in unsolicited emails. Even previewing a document can put your device at risk, so it’s best to exercise caution and avoid interacting with any suspicious content.
- Updating your browser is a breeze - simply close it and reopen it, no need to download anything. Remember, the Google Play Store app won’t prompt you for an update, so don’t be fooled by any website alerts or texts urging you to download an update.
Keep in mind that there are various ways in which bank fraud can occur:
- Phishing Scams: Cybercriminals employ deceptive tactics such as sending fraudulent emails or messages, pretending to be reputable organizations like banks or government agencies, in order to deceive you or your employees into divulging confidential details like login credentials. It’s important to note that these scams can also be carried out through phone calls, so it’s crucial to ensure that your team is well-informed about this. A recent example of such an attack occurred when a hacker contacted MGM’s IT department requesting a password reset.
- Check Fraud: It’s important to safeguard your business’s checks from being forged or altered by criminals who may try to steal funds from your account. You might even want to consider going checkless to reduce the risk of your account being hacked.
- Unauthorized Wire Transfers: Cybercriminals have the potential to gain access to your online banking information, allowing them to carry out unauthorized wire transfers and redirect funds to their own accounts.
- Account Takeover: Criminals may gain access to your business’s online banking accounts by taking advantage of weak passwords, reused passwords or exploiting security vulnerabilities. This can include actions like sharing your passwords through email or storing your bank password in your web browser. Once they have control, they can carry out unauthorized transactions.
- Employee Fraud: It is possible for employees to commit deceitful acts, including embezzlement and falsifying financial documents.
Safeguard your online banking accounts by creating strong and distinct passwords and avoid saving them in your browser. Additionally, it is recommended you update your passwords every month incorporating uppercase and lowercase letters, symbols, and numbers, with a minimum length of 14 to 16 characters.
Second, it is important to enable multifactor authentication (MFA) to receive notifications in case anyone tries to access your accounts.
Third, establish notifications for significant withdrawals. By requesting your bank to mandate a physical signature for wire transfers, you can safeguard your account from unauthorized withdrawals.
Fourth, consider obtaining fraud insurance that covers both employee and online theft. This will safeguard your account in case a cybercriminal attempts to steal money from it.
It is crucial to have robust cybersecurity measures for any device that accesses a bank account or critical application. Many businesses mistakenly believe that their data is secure just because it is stored in the cloud. However, it is important to remember that even though your bank account may be in the cloud and the bank has a secure portal, you are still vulnerable to hacking.
If you haven’t had an independent third party conduct a security audit in the last 6 months, you’re due for one. Click here to schedule a Discovery call today, to see just how secure your organization truly is.
