A prominent fraud prevention service says international crime groups are spreading malware designed to steal victims’ banking information. The London-based Credit Industry Fraud Avoidance System (CIFAS) says it is witnessing a surge in Android malware attacks targeting banking apps. CIFAS says that while the malware targets Android users, other mobile platforms are not immune to attacks, noting that the malicious software may have hit 200,000 victims in just six months. “These malicious apps often look like legitimate tools – such as file managers, PDF readers, phone cleaners, or even browsers like Google Chrome. Once installed, they can appear harmless but later activate harmful features through hidden updates. Key techniques criminals use include: Overlaying fake login screens on top of real banking apps to steal login credentials. Displaying deceptive ‘busy’ or ‘waiting’ screens to mask fraudulent activity. Preventing users from exiting the app or restarting their device. Requesting excessive permissions, especially ‘accessibility’ access.” According to CIFAS, users should be on the lookout for signs that their phones are infected with malware, including prompts to reauthenticate during a banking session, “busy” messages from banking apps, unexpected notifications to update or install Google Chrome and prompts to grant unusual permissions, particularly accessibility access. Says CIFAS CEO Mike Haley, “The surge in Android malware is not just a tech issue – it’s a growing threat to consumers and to banking services we all rely on. Criminals are evolving their tactics faster than ever, using deception and stealth to bypass traditional security measures. The best defence is awareness. If something feels off – an unexpected update, a strange app request – stop before you tap and always seek a second opinion. Education and vigilance are our frontline tools in the fight against fraud.” Follow us on X , Facebook and Telegram Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox Check Price Action Surf The Daily Hodl Mix Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing. The post 200,000 Potential Victims Identified As Malware Disguised As Legitimate Apps Crack Bank Accounts, Warns CIFAS appeared first on The Daily Hodl .
