Warning over new tactic used by criminals to drain your bank accounts

A new report revealed that criminals are now targeting smartphones to gain access to banking accounts and credentials using malware through apps and malicious attachments and links.

This is according to international cybersecurity firm Kaspersky, which outlined the major fraud trends during the Mobile World Congress 2025.

Kaspersky noted that the number of Trojan banker attacks on smartphones surged by 196% in 2024 compared to the previous year.

“Cybercriminals are shifting tactics, relying on mass malware distribution to steal banking credentials,” Kaspersky said.

Kaspersky added that in 2024, cybercriminals launched an average of 2.8 million malware, adware, and unwanted software attacks on mobile devices every month.

Over the past year, the security firm detected over 33.3 million attacks on smartphone users globally, involving various types of malware and unwanted software.

“The number of Trojan banker attacks on Android smartphones increased from 420,000 in 2023 to 1,242,000 in 2024,” it said.

Kaspersky explained that trojan banker malware is designed to steal user credentials for online banking, e-payment services and credit card systems.

“Cybercriminals trick victims into downloading Trojan bankers by spreading links via SMS or messaging apps, malicious attachments in messengers, and redirecting users to malicious webpages.

“They can even send messages from a hacked contact’s account, making the fraud appear more trustworthy.

“To deceive users, attackers often exploit trending news and hype topics to create a sense of urgency and lower victims’ guard,” the firm added.

“Scammers have started to scale down their efforts to create unique malware packages, focusing instead on distributing the same files to as many victims as possible.

Kaspersky security expert Anton Kivva stressed the concern of this rising threat, highlighting that no one is completely safe from well-crafted scams and psychological tricks designed to steal banking data.

Kaspersky’s report said that although Trojan bankers are the fastest-growing type of malware, they rank fourth overall in the share of attacked users at 6%.

“The most widespread category remains AdWare, accounting for 57% of attacked users, followed by general Trojans (25%) and RiskTools (12%). The ranking includes malware, adware and unwanted software,” it said.

South Africans are not safe

Locally, The South African Banking Risk Information Centre (SABRIC) and Standard Bank have already warned that smartphones are often targeted for the valuable data they contain.

SABRIC highlighted that a survey of 29 banking fraud professionals from nine of South Africa’s top banks identified the most concerning types of fraud: APP fraud and vishing (52%), phishing and smishing (48%), and SIM swap fraud (35%).

Standard Bank also flagged an increase in fake social media profiles and deceptive apps that impersonate bank officials to scam consumers and businesses.

The bank warned of a fraudulent WhatsApp group circulating on social media and claimed affiliation with an investment app called SBG SI Trader. 

The app falsely claims connections with Standard Bank, SBG Securities, and other platforms, including SBG Securities Online Share Trading. 

It also mentions the bank’s Financial Sector Conduct Authority operating license and one of its employees, David Hodnett.

“We would like to alert you that this information is fraudulent. Please remain vigilant to avoid falling victim to phishing scams, cybercrime, or unauthorised access by fraudsters,” the email read. 

“We encourage you to also be cautious of other social media, email, or phone (WhatsApp or SMS) communications requesting your personal information.”

The Southern African Fraud Prevention Services (SAFPS) has also noted a rise in mobile phone thefts aimed at exploiting banking apps.

In light of these threats, the SAFPS advises that if a phone is stolen, the priority should be contacting your bank to de-link your banking app from your accounts immediately.

After securing your financial information, you should contact your mobile service provider to cancel the SIM card.

This sequence is crucial to minimising the risk of unauthorised access to your financial data.