The infamous Xenomorph Android malware, known for targeting 56 European banks in 2022, is back. But now, it is back, in full force targeting US banks, financial institutions and cryptocurrency wallets.
The cyber security and fraud detection company, ThreatFabric has called this one of the most advanced and dangerous Android malware variants they’ve seen.
How is this happening, you may ask? This malware is being spread mostly by posing as a Chrome browser or Google Play Store update. When a user clicks on the “update,” it installs the malware designed to automate the process of accessing your online accounts and begins extracting and transferring funds.
Besides being aware of this scam (and you should absolutely let your spouse, partners and family know as well), we’re going to inform you on a few ways to protect yourself:
- Be sure to avoid links and attachments in any unsolicited e-mail. Simply previewing a document could infect your device, so never open or click on anything suspicious.
- If updating your browser, simply close it and reopen. You don’t have to download an application to update it. ALSO, the Google Play Store app will NOT ask you for an update, so don’t fall for any website alert or text stating you need to download an update.
But remember, bank fraud can manifest itself in several forms, including:
- Phishing Scams: Cybercriminals send deceptive e-mails or messages, often impersonating trusted entities like banks or government agencies, to trick you or your employees into revealing sensitive info like login credentials. Sometimes these are facilitated by phone calls, so make sure your team is fully aware of this. The latest MGM hack happened when a hacker called the company’s IT department requesting a password reset.
- Check Fraud: Criminals may forge or alter your business’s checks to siphon funds from your account, making it essential for you to secure your checkbook. So be careful about sharing or emailing your account information. You might consider going checkless to cut down on the chances of your account being hacked.
- Unauthorized Wire Transfers: Hackers may compromise your online banking credentials to initiate unauthorized transfers, diverting funds to their accounts.
- Account Takeover: Criminals may gain control of your business’s online banking accounts by taking advantage of weak, reused passwords or any security gaps, such as e-mailing your passwords to others or storing your bank password in your browser, allowing them to make unauthorized transactions.
- Employee Fraud: Surprisingly, even employees may engage in fraudulent activities, such as embezzlement or manipulating financial records
We cannot reiterate this enough, but please protect yourself, using strong, unique passwords for your online banking accounts. Never store them in your browser. Also, update your passwords monthly with significant changes to them (adding uppercase, lowercase, symbols and numbers that are at least 14 to 16 characters).
Second, always turn on multifactor authentication (MFA) so you’re notified if anyone tries to log into your accounts, without your knowledge.
Third, set up alerts for large withdrawals. You can ask your bank to require a physical signature for wire transfers to protect you from someone accessing your account without your signature.
Fourth, get fraud insurance that specifically covers employee and online theft, so you are protected in the event a cybercriminal steals money from your account.
And, as always, make sure you have strong cyber security in place for ANY device, that logs into a bank account or critical application. So many businesses believe that if their data is “in the cloud,” they’re safe. Realize, your bank account is “in the cloud,” and the bank likely has a secure portal, but that doesn’t mean YOU can’t be hacked.
If you want to ensure your organization is truly secure, click here to request a free Cyber Security Risk Assessment to see just how protected you and your organization are against known predators. If you haven’t had an independent third party conduct this audit in the last 6 months, then you’re long overdue.
It’s completely free and confidential, with NO obligation. Voice scams are just the latest in a tsunami of threats aimed at small business owners, and the most susceptible being the ones who never “check the locks” to ensure their current IT company is doing what they should. Don’t be a sitting duck! One of our friendly and helpful techs are ready to help and be reached at 201-402-1900, or via email at: info@krsit.com.