Fake banking software, financial Trojans, and phishing bank information are taking more victims every day. Citizens’ bank accounts are simply emptied, and it is a difficult and time-consuming task to return the money of the benefactors. The most important advice to prevent this from happening is not to trust advertising SMS and use reliable sources to download banking applications
According to the IDEA, almost every day there is news that a text message with the content of equity shares, winning the lottery, using amazing discounts, etc. has reached the hands of users and has emptied people’s accounts by installing an app that looks like a bank. Financial and banking malware are phishing and abusing users, they are mostly transmitted in three platforms: social networks, SMS and email, and it is recommended to consider all mobile applications in these three platforms as malware.
A separate unit to deal with phishing
Shaparak has created a separate unit to prevent phishing and fake Shaparak links. Recently, old phishing methods are either less used, or users with more knowledge are no longer fooled by these methods.
Mohsen Khodabakhshi, risk and security manager of Shaparak company, said: We have a team in Shaparak complex that specifically works on phishing and limiting it. During the last two years, we managed to establish a good relationship with the infrastructure communication company and quickly block phishing links with this company.
He added: Previously, if a phishing link was found, it would take 24 hours to 48 hours to contact the legal authorities and block this link. This is despite the fact that the phishing time window is short and the offenders block the link and financial theft victims within a few hours. The first few hours are the golden time to block phishing links, and if it takes longer than that, we have actually left the victim alone.
Khodabakhshi said: In the last two years, we have changed the way we work and with the help of the Information Security Department of the Central Bank and the Infrastructure Communications Company, we have changed the formulation and implementation process of dealing with phishing links in such a way that within a few minutes, web services and phishing links are automatically, daily be identified and announced.
Fortunately, operations related to blocking phishing progress and after detection, within a few minutes, the communication infrastructure company blocks links related to phishing. Before, we used to refer to judicial authorities and FATA police, and the blocking was prolonged.
Challenges of using filter breakers
Mohsen Khodabakhshi further said: Most of the links and actions related to phishing occur in Shaparak and we also try to prevent theft and fraud in this way by improving security and speeding up related processes. Of course, problems have arisen due to the increase in the use of VPNs and filter breakers. If users use a filter breaker, phishing blocking is not done for them in time and they may become victims.
In this regard, we have started the international blocking process with the relevant global institutions and we have been blocking phishing links internationally for the past 6 months.
Risk and security manager of Shaparak emphasized: Another measure taken in this field is public awareness in the field of phishing.
Regarding malware, he said: There are different types of malware. The ones that are related to our activity are phishing malware. Many malwares are designed to receive and enter encrypted text messages on behalf of the user. In fact, they facilitate phishing. Through these malwares, when shopping, redirecting to a phishing page and receiving a password is done, and the successful transaction is done instead of the user. Such malwares have become the trend of the day. These days, internet crimes called Rat are spreading.
Khodabakhshi said: Positive measures have been taken in relation to blocking phishing, but blocking malware and Trojans still requires serious and fundamental measures. In Shaparak company, we have created an independent section to identify and block malware.
Expert force, antivirus and user report
To verify and confirm the authenticity of the software in Myket, human resources specialized in cyber security, reliable antiviruses and user reports of the software are used.
Vahid Rahimian, CEO of Myket Android Market, said: To ensure the health of the software we provide on Myket, we seek help from human resources specialized in cyber security. Cyber security elite forces are constantly checking various software including banking software. We also have different antiviruses that we use to verify the health of applications.
He added: In relation to some fake software, users report to us that we check each report separately and verify the relevant software and check the signature and MD5 of the programs, and if the relevant software is malware, we will remove it. We delete
Rahimian said: We also use Google Play Protect to review the software that we offer on Myket. (Google Play Protect, a multi-part system that appears both as a malware scanner, to provide web security, and as a phone tracker, thus ensuring the security of the operating system.)
He emphasized: We will do our best to prevent anyone from abusing Myket and presenting fake software under the title of original bank software. For this purpose, we insert the concept and badge on the original software and put a tick on the software so that the users realize that the manufacturer of this software has been identified.
We have Verify Tick (authenticity verification tick) which confirms the authenticity of the relevant software in the identification process so that it is not confused with similar applications and users are not mistaken due to the similarity of the logo or the appearance of the original software of the applications.
SEO malware
Many malwares appear in the first list of Google results due to their SEO activities, so searching for related software on Google is not a good way to install software.
Technical expert Hojjat Kohandel said: What happens is that many users search on Google to download the desired software. Hackers and fraudsters also use the same method to manipulate, inject or bind malware and change the application and turn it into a Trojan. By increasing its SEO, it makes it appear among the first results in Google search. Users also open the first results and download the same.
He added: Users should download important and sensitive software such as banking applications from their main source. They should refer to the desired bank website and download the banking software from the same website. If the software download link is not available on the site, the download link from Cafe Bazaar is available there. Using valid Android or IOS markets such as Cafe bazaar and Myket instead of searching in Google is another thing that should be observed. Unrelated and subsidiary sites should not be used.
Kohandel emphasized: Currently, there are a lot of infected software, and profit-seeking people easily publish infected software. or they infect banking software, banks and authorities that develop banking software should check the signature of the software and if the signature has been changed, do not provide services to that software. They should also inform users that the software they are using is not the original software and is fake. Of course, most banks provide such services.
He added: If the software is tampered with, the signature of the application will also change because with the smallest change, the hash and signature of the application will change.
Risks of using VPN while doing banking transactions
Regarding the dangers of using VPN when doing bank transactions, Kohandel said: In general, when you use VPN, your information can be stored on a third server, because while using VPN, we allow the VPN authority to have our traffic. be Bank transactions are also first sent to the VPN server and then sent to the bank. So the third server, which is the VPN authority, can easily identify what data we sent and which banking transactions we used.
He added: VPN alone is very vulnerable, but most banks encrypt the traffic between their software on users’ phones and the banks’ servers. Therefore, in case of traffic monitor, it cannot be used because the information is encrypted.
Where to download banking applications?
The best way to download banking software is to visit the websites of banks, Android markets, Cafe Bazaar and Myket. In the websites of banks that provide banking software, the download link for these software is also available.
Myket is one of the reliable Android markets for Iranian users where you can find programs related to finance. Myket has a strict selection system for publishing financial programs and is a reliable reference.
There is also a section called financial programs on the Cafe Bazaar site, where you can find a lot of banking programs, programs related to payment, loans and installments, and more. This reference is one of the most reliable sources for accessing banking applications. Cafe bazaar has made many efforts to prevent the spread of malware.
Both sources that have been introduced are valid and reliable, but if you do not know a program and you intend to download it from these two Android markets, you can read the opinions of other users before installing and ask their opinion about the program.
Another way to access bank accounts is to use Internet Bank or web versions, while most banks also have WPA versions, which is a type of web writing. Be sure to check the website address before entering the account information. By using SEO methods, fraudsters can show the address of a phishing site at a higher priority in Google results, while the real bank page is ranked lower.
So you can’t just trust Google results. This risk is more serious for iPhone users because the Apple Store has banned Iranian banking apps for a long time and does not allow these apps to be published.
Another issue is downloading apps from social networks, which is the most common method used by fraudsters to abuse users. Never, under any circumstances, download banking and financial applications from social networks. In addition, unfortunately, in recent years, a large amount of malware in the form of lottery programs, betting, etc. is being transmitted in social networks.
No Comment! Be the first one.