Hundreds of CBA and ANZ customers have fallen victim to a phishing scam after downloading fake Android banking apps. The malicious software closely resembled ANZ’s and Commonwealth Bank’s real banking apps – and both remained undetected on the Google Play Store for weeks. Here’s what you need to know.
More than one thousand bank customers have unwittingly downloaded malicious apps impersonating the ANZ and Commonwealth Bank apps, reports SMH. The fake apps have been on the Google Play site for weeks and were reportedly downloaded more than 1000 times by unsuspecting customers.
The malicious software is designed to steal customers’ personal log-in credentials including passwords and credit card information. The apps were discovered back in June by IT security company ESET and reportedly removed within “a few hours”. However, by then the apps had been available on the site for weeks. It is not currently known how many people fell for the scam after downloading the app.
According to ESET, after launching the fake app, users were asked to type in their log-in details just like a regular banking app. Once the data was submitted, victims were sent a thank you message after which the app would crash and cease to function.
If you downloaded the CBA or ANZ banking app this year and suspect it might have been fake, you are advised to contact your bank immediately. You should also change your credit card pin codes and internet banking passwords. We’ll be updating this story when we learn more.