Who in their right mind
Trusts online banking, let alone from a Stasi Penal Tracking device ?
A new breed of Android malware is picking off mobile banking customers, particularly those in the UK and Germany, we're told. The Svpeng software nasty has been around for four years, and its creator was caught and thrown in the clink in 2015. However, the malware keeps on evolving, thanks to other crooks trying their hand …
There are some online banking systems which use the phone as the Second Factor in 2FA. In Germany they have replaced Transaction Authorisation Numbers (TAN) with a pushTAN from an app on your phone. So a determined criminal who has managed to phish your online banking details "just" needs to get you to download some malware onto your phone too.
I'm not sure why more banks don't give customers hardware gizmos Like Nationwide BS or Barclays in the UK do. Can't cost more than a fiver and must pay for themselves with fraud prevention?
"I'm not sure why more banks don't give customers hardware gizmos Like Nationwide BS or Barclays in the UK do. Can't cost more than a fiver and must pay for themselves with fraud prevention?"
Because they're a royal PITA? I carry enough crap in my pockets without a separate gizmo for each service requiring 2FA.
"Because they're a royal PITA? I carry enough crap in my pockets without a separate gizmo for each service requiring 2FA"
You really can't put up with one secure solution / gizmo in your bag, or drawer at home???? Some crook emptying your bank account will be more than a slightly inconvenient PITA!
Well not quite, since many people believe that those security measures work, they instruct people to do unsafe behaviour. Just look at many websites who want you to install their app. Just look at the many apps which are malware (adware) or otherwise slurp your data.
In fact, not being root on your own device means that you have to do backups via some external provider/app, which is a huge security risk compared to just scp-ing your data over to your computer or NAS.
"Well if you're daft enough to install packages from untrusted sources you do rather deserve your sorry fate."
And there's never been malware in any of the "official" and "safe" stores? Or apps which carry a payload to later download malware? Or malware loaded by ads? Using trusted sources only is the best way to minimise risk, but it won't eliminate it.
Well if you're daft enough to install packages from untrusted sources you do rather deserve your sorry fate.
True; but there have been numerous well-documented cases of malware apps that made it into Google Play or the App Store. Some of them received a substantial number of downloads before being discovered.
This post has been deleted by its author
To quote the article
"The Trojan-Banker.AndroidOS.Svpeng.ae is distributed from malicious websites as a fake Flash player," said Roman Unuchek, malware analyst at Kaspersky Lab.
That talks about flash does it not?
Because Flash gets updated so frequently and ... well the rest is obvious.
At least my Windows Phone does not have this issue. No one updates anything for it now. This applies to MS as well as I run V8.1. They promised a Windows 10 upgrade but renaged on it.
Security by Obscurity. Yay!
Windows Phone is really good, extremely productive and even looks cool with all those live re-sizeable tiles.
I really don't understand its lack of popularity and only a few apps, but like you, hey, security through obscurity is a good place to be, as well as having a phone with a great interface.
Oh, I forgot, we can also connect it to a monitor, keyboard and mouse and through Continuum have the smallest laptop in the world in our pocket, fecking amazing!
Android, and even more so iOS, are so bloody ancient in comparison it's unreal!
Don't get me wrong, I really like the convenience of a phone and Internet access in my pocket. And I refuse to pay the idiot tax. But who would actually trust the blasted things?
I do online banking - from one laptop only. The idea of using Android for anything involving money (even the Paypal website) is strange. Android Pay? Oh come on... And I'm the sort of person who has only ever downloaded about a dozen apps, all from Playstore.
I notice that the next bright idea from M$ is to allow Android to talk to Windows 10. Not on my phone it won't...
Biting the hand that feeds IT © 1998–2021