Mobile phone users warned of 'surge' in app scam 'harvesting' bank details

Millions of mobile phone users are being urged to remain vigilant as experts report a sharp surge in malicious apps designed to steal bank and personal information. The issue is particularly prevalent on Android devices.
Cybersecurity and anti-fraud organisations say fake apps are increasingly posing as everyday tools, such as PDF readers, file managers, phone cleaners, or even web browsers. Han Sahin, CEO of ThreatFabric, said: "Just as we've learned to be cautious with links, we now need the same vigilance when installing apps. This is the logical next step in staying safe, and public awareness is crucial."
While they may appear harmless when first installed, these fraudulent apps can secretly enable features that give criminals access to sensitive information.
Users are being told to beware of surprise prompts to update or install unfamiliar apps, especially if they come with requests for unusual permissions, such as “accessibility” access.
Some rogue apps may display fake “busy” or “waiting” screens, lock users in, or even place convincing overlays on top of real banking apps to grab passwords and security codes.
International crime groups are believed to be behind the wave of attacks, exploiting gaps in mobile security as they develop increasingly sophisticated tactics.
Garry Lilburn, operations director at CDA, said: "This crime highlights the growing prevalence and sophistication of mobile malware.
"As we work to better understand and disrupt this evolving threat, it's crucial that financial consumers stay vigilant, follow recommended security tips, and take a moment to verify what's in front of them - before becoming the next victim of this highly targeted fraud."
Organisations including the Cyber Defence Alliance, UK Finance, Cifas, and ThreatFabric are all calling on the public to “stop before you tap,” and take the following precautions:
- Only download apps from trusted sources.
- Check app reviews and developer information before installing.
- Keep your device's operating system and apps up to date.
- Report suspect apps or activity to your bank immediately.
- Be wary of apps requesting unnecessary permissions.
Dianne Doodnath, principal of economic crime at UK Finance, said: "We encourage customers to stay alert to all threats of fraud, including the potential for criminals to trick people into downloading malware onto phones, which could put their personal and financial information at risk of theft.
"It's important that you keep your phone security system up-to-date and always download from trusted sources to ensure you're protected from the risk of fraud and data harvesting."
Daily Express