I-PHONEY

Simple iPhone mistake everyone makes could result in bank-raiding attack as rogue apps ‘see everything on your screen’

Find out how to protect yourself from fraud and cyber crime

A SIMPLE iPhone mistake made by millions could result in owners' banks being raided via rogue apps.

The malware can be innocently downloaded from the App Store onto any iOS product, including iPads - and allows hackers to "see everything on your screen", experts warned.

Image caption: Scammers are using spyware technology to drain people's bank accounts. Credit: Getty

This is particularly problematic if you keep screenshots of your passwords on your phone - a technique used by many to keep track of their details.

An investigation by cybersecurity company Kaspersky revealed that this malware, nicknamed "SparkCat", is designed to scout out sensitive information within screenshots.

As well as passwords to bank accounts, it can also mine for crypto information such as recovery phrases for crypto wallets.

This means the scammers can steal bitcoin and other cryptocurrency.


The dodgy software works by asking users for permission to access photos on the device.

It then uses spyware to sift through all the files for desirable information.

The issue has been made worse by the fact that many iOS users believe their devices to be immune from cyber-attacks, the experts added.

They added that SparkCat, which is specific to iOS, has been active since around March last year.

However, similar malware targeting other types of device - such as Androids and PCs - has been around for longer.

It comes after mobile banking customers were issued an urgent alert over a new "trick" that can drain accounts of money within seconds.


The scam works by cloning the bank's phone number - gaining trust from customers by telling them to look up the number online.

They also use the same hold music to add to the illusion.

The crooks then pretend to be from the bank's fraud team - and ask for victims' bank details.

One jeweller lost £50,000 in such a scam, after scammers rang him pretending to be from Barclays.

The businessman, who is in his 70s, said the long-established family-run jewellers is still recovering from the financial shock.

The caller warned him of unusual activity on his account - as a payment of £18,123 had been paid to Energy One Limited.

“I checked it was a genuine Barclays number, and they asked me to confirm my overdraft limit for security reasons,” said the jeweller.

“They even used the same horrible hold music that Barclays play, which I’ve heard so many times before in legitimate circumstances. There seemed no reason to think it was not them.”


Believing he was now speaking to ‘Charlie Adams’ from the Barclays fraud team, the victim was instructed to log in to his business bank accounts on his desktop computer.

From there he unknowingly downloaded AnyDesk, a programme that gives third parties access to your computer - and the fraudsters subsequently managed to withdraw £48,451.78 from two accounts.

How to protect yourself from fraud and cyber crime

If you believe you have been a victim of a scam, call 0300 123 2040.

  • Do not give any personal information (name, address, bank details, email or phone number) to organisations or people before verifying their credentials.
  • Make sure your computer has up-to-date anti-virus software and a firewall installed. Ensure your browser is set to the highest level of security and monitoring to prevent malware issues and computer crimes.
  • Remember that banks and financial institutions will not send you an email asking you to click on a link and confirm your bank details. Do not trust such emails, even if they look genuine.
  • Destroy and preferably shred receipts with your card details on and post with your name and address on.
  • Be extremely wary of post, phone calls or emails offering you business deals out of the blue. If an offer seems too good to be true, it probably is. Always question it.


Image caption: The malware is contained within apps downloaded from the App Store. Credit: Getty