Cash is King, for now. The use of electronic payment applications has been steadily growing, according to a recent survey by the US Federal Reserve, cash payments accounted for only 26% of all payments in 2020. Payment cards (credit/debit) and electronic payment applications were used for 65% of all payments, leaving 9% to wire transfers directly from a bank. The wave of cashless payments and e-commerce has led to the creation of many different payment applications. Apple Pay, Google Pay, PayPal, Venmo, and Trello Pay are some of the most common mobile payment apps. Yet, these applications often come with risks, with cybercriminals dreaming up new scams to trick us out of our cash – whether virtual or cold and hard.
Smartphones, like any other device, can be exploited by malware. One way cybercriminals can get your sensitive information is through keyloggers. This malware records and sends each action (tap) on your smartphone (or computer) to the hackers, enabling them to view account credentials you type into any application or website you visit. Hackers can also use fake apps that pretend to be legitimate and exploit your payment apps. An example can be found at the end of this article, where ESET researchers discovered a trojan disguised as a battery optimization tool, targeting users of the official PayPal app, attempting to transfer €1,000 ($1,200) to the hacker’s account.
Most hackers exploit devices and deploy malware through phishing emails. Ransomware especially can be deployed through these emails, crippling your business by locking up your sensitive data and threatening to release it to the public unless you pay the ransom. Cyberattacks can be devastating not only to your business but your personal life as well.
When using smartphones, there are a few things you can do to help you stay secure, especially when doing mobile payments. Follow CyberHoot’s best practices for smartphone security:
It’s important to understand the applications you’re using and how they are authenticated and disable public sharing of transactions. The graphic below shows the most common payment apps and the various ways in which they attempt to keep you secure:
Payment Security Definitions: Bug Bounty | Two-Factor Authentication | Transaction Lock
While these are all vital when using smartphones, you should also follow these additional practices when using computers, especially at work. CyberHoot recommends the following best practices to prepare for, limit damages, and sometimes avoid cyber attacks:
Start building your robust, defense-in-depth cybersecurity plan today with CyberHoot.
Sources:
NY Times – Mobile Payment Research
Additional Readings:
Hackers Releasing Fake Contact Tracing Applications
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreA newly uncovered cyberattack campaign is exploiting Zoom’s Remote Control feature to infiltrate the systems...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.