An easy target for cyber criminals is smartphone users who take advantage of mobile banking. BitDefender has identified a serious mobile banking phishing scam and is offering tips to help smartphone users avoid falling victim to this and to similar mobile phishing scams.
The phishing scam BitDefender detected attempts to trick smartphone users into logging into a fake mobile version of the Scotiabank login page. At first glance, the Scotiabank mobile login page looks legitimate, however, users should be on the lookout for a dubious domain name and a request for the user’s Security Code (the three digit number printed on the back of a ScotiaCard). If the user fills in the fake form with his card number and the corresponding password, the cyber criminal has access to the user’s bank account.
Paying attention to detail is key when it comes to avoiding phishing scams. Cyber criminals count on users being busy, always in a hurry, absent-minded or too distracted to catch a phishing scheme. Additionally, the small size of the smartphone screen can prevent users from seeing a fake URL; and since most smartphones lack an anti-virus solution and are not equipped with an antiphishing solution, targeting the smartphone is an easy decision for cyber criminals.
Tips to avoid becoming a mobile banking phishing victim:
Before you click on a link, make sure it is legitimate. If the link is partially obscured, or if it looks suspicious, do not click on it. Even links that look legitimate can be bogus. It is common for mobile phishers to use a free web hosting company to host the phishing page in a folder named after the mobile website of the bank.
Remember that e-banking can be risky, especially when using a mobile device. It is much safer to manually type a URL into the mobile browser instead of accessing it from a bookmark or from an email message sent from an unknown sender.
Always keep your mobile device operating system and antivirus solution updated. Cyber criminals will use any means necessary to scam you out of money.