Government has a list of dos and don’t to keep Android users safe from ‘dangerous’ banking virus

The Indian government’s central cybersecurity agency, Cert-In, recently warned about the SOVA Android Trojan targeting banking users in India. The banking Trojan steals usernames and passwords via keylogging, steals cookies, and adds fake overlays to a number of apps to trick users. SOVA used to focus on countries like the US, Russia and Spain, but in July 2022 it added several other countries, including India, to its target list. Latest version of this malware hides in bogus Android apps which are displayed with logo of popular apps like Chrome, Amazon and others to trick users into installing. This malware collects banking details including usernames and passwords when users log into banking apps and hack their accounts. The government has shared a list of dos and don’ts that can help Android smartphone users to protect themselves from this dangerous banking malware.

Download apps only from the Google Play Store


Download apps only from the Google Play Store

Only ever download apps from official app stores such as your device manufacturer’s or operating system’s app store. This reduces your risk of downloading potentially malicious apps by up to 90%. Never check the “Untrusted Sources” box to install/sideload APK apps.

Also Read :  What are the best android apps for free phone sexting? — Retail Technology Innovation Hub

Always check the Additional Information section


Always check the “Additional Information” section.

Before downloading/installing apps on your Android devices (even from Google Play Store), always read the details of the app, including the number of downloads, user ratings, comments and the “Additional Information” section.

Check what permissions the downloaded app is asking for


Check what permissions the downloaded app is asking for

Always review app permissions and only grant those permissions that have relevant context for the app to function.

Don't miss Android security patch updates


Don’t miss Android security patches/updates

Make sure you don’t miss Android updates and patches as they become available from Android device vendors. Do not navigate untrustworthy websites or follow untrustworthy links and be careful when clicking on the link contained in unsolicited emails and SMS.

Do you know if the text message from the bank is real?


Do you know if the text message from the bank is real?

Genuine SMS messages received from banks usually contain a Sender ID (consisting of the bank’s short name) instead of a phone number in the Sender Information field. Do extensive research before clicking the link provided in the message. There are many websites that allow anyone to do a search based on a phone number and see all relatable information about whether a number is legit or not.

Pay attention to what you click in email SMS or on Google


Be careful what you click on in email, text or on Google

Be sure to click a URL. Be it in SMS, e-mail or on Google. Click URLs that uniquely identify the website domain. When in doubt, users can search the organization’s website directly using search engines to ensure that the websites they are visiting are legitimate.

Also Read :  God of War Ragnarök PS5 dualsense controller: Price, pre-order and release date

Beware of these URL shorteners


Beware of these URL shorteners

Be careful with shortened URLs, e.g. B. with and tinyurl. In its recommendation, the government asks users to hover over the shortened URLs (if possible) to see the full website domain they are visiting, or to use a URL checker that allows the user to enter short url and display full url. Also, users are encouraged to use the preview feature of the shortening service to preview the full URL.

Check encryption certificates


Check encryption certificates

Before entering sensitive information such as personal information or account credentials, verify that the encryption certificate is valid by looking for the green lock in the browser’s address bar.

Report unusual activity to your bank


Report unusual activity to your bank

Bank customers are advised to immediately report any unusual activity on their account to the respective banks with the relevant details in order to take further appropriate action.

Source link