The bank account of one of my workers was hacked this morning and his entire account was cleared leaving him with only N296. Guy’s almost losing his mind. So, I made this quick research to WARN YOU ahead with what you can do to keep your bank account well protected.
The reason for this is that bank users are fast-moving over to internet banking, and this has motivated hackers to hunt for login details. And they will go to any length to be able to access your money. Below are 5 ways they do it and what you can do to stop them according to Afridads.
Hackers can create a perfect replica of your bank’s app
A hacker can create a perfect replica of a bank’s app and upload it to shady 3rd-party sites. Once you’ve downloaded the fake app and enter your username and password into it, it’ll be sent to the hacker.
They may also install a malware in an unrelated app. When you install this app, the Trojan begins to scan your phone for banking apps. Whenever it detects a banking app being launched, the malware quickly puts up a window that looks identical to the app you just booted up.
If this is done smoothly enough, the user won’t notice the swap and will enter their details into the fake login page. These details are then uploaded to the hacker. Typically, these Trojans also need an SMS verification code to complete the hack.
To do this, they’ll often ask for SMS read privileges during installation, with it, they will steal the codes as they come in.
Solution 1
When downloading apps from the app store, check the number of downloads it has. If it has a very low download counts and little or no reviews, it might be an impostor. Also, be careful with what permissions you give apps. If a mobile game asks you for SMS read permissions, do not allow the app to install. Never install apps from 3rd-party sites, as they’re more likely to contain malware
Phishing
Hackers can hack email or chat accounts of your trusted contacts and send you emails or chats from there. They send links and trick people into clicking them. The sender address would be legitimate, and the hacker could even talk to you on a first-name basis
Solution 2
If an email address looks suspicious, treat it with a healthy dose of skepticism. If the address looks legitimate but something “seems off,” make every effort to validate the content with the person sending it and do so over a phone call rather than email.
Keyloggers
Keyloggers are a type of malware that records what you’re typing and sends the information back to the hacker. So, imagine what would happen if you typed in your bank’s web address, followed by your username and password in the presence of keyloggers.
The hacker would have all the information they need to have access to your account!
Solution 3
Ask your bank if they support two-factor authentication. If “Yes,” be sure to enable it. Do the same on your Whatsapp & other chat platforms. This makes the malware far less effective, as the hacker won’t be able to replicate the authentication code even if they get your login details. And if it’s possible, install antivirus to help you stop them on their track.
Man-In-The-Middle Attacks
A hacker can target the communications between you and your bank’s website in order to get your login details. These attacks are called Man-in-the-Middle (MITM) attacks. They monitor your activities when you’re using an insecure server.
“Sometimes, however, a hacker will use DNS cache poisoning to change what site you visit when you enter a URL. A poisoned DNS cache means that http://yourbankswebsite.com will instead go to a clone site owned by the hacker.”
This cloned site will look so identical to the real bank website. And if you’re not careful, you’ll end up giving the fake site your login details.
Solution 4
Desist from performing any sensitive activities (like banking) on a public or unsecured Wi-Fi connection. This cloned site will look so identical to the real bank website. And if you’re not careful, you’ll end up giving the fake site your login details.
If you must perform banking transactions or other sensitive activities over a public Wi-Fi network, read up about VPN on the internet. With it, you can take control of your own privacy. A VPN service encrypts your data before your computer sends it over the network.
SIM Swapping
A hacker can contact your network provider, claiming to be you and complaining that they lost their phone. They’ll then request that their old numbers be transferred to their new SIM card. With this, the network providers will then install your phone number on the hacker’s SIM.
Once they have your number on their SIM card, they can circumvent SMS codes easily. When they log into your bank account, the bank sends an SMS verification code to their phone rather than yours
Solution 5
I’m aware that network providers typically ask confirmatory questions to check if the caller is who they claim to be. But some of them can be lax with checks for SIM transfers, which allowed hackers to easily perform this trick. KEEP YOUR PERSONAL DETAILS PRIVATE.
As written on Twitter by Ajero Morgan
