Currently, many users are switching to online banking, also known as Internet Banking. And it’s not uncommon for hackers to have found methods to hack your bank account. However, what you need to be concerned about is their criminal history and how you keep yourself safe.
Join the channel Telegram of the AnonyViet 👉 Link 👈 |
5 ways hackers use to hack your bank account
1. Malware Trojan
Today, you can manage all your money with just one phone. Usually, the bank will provide an official app where you can log in and check your account. Although convenient, this has become a vulnerability for hackers to spread malware.
Fake apps
The simplest attack method is to spoof an existing banking application. The hacker simply creates a perfect copy of the banking application and uploads it to third-party websites. After downloading the fake app, you enter your username and password into it, and these are sent to the hacker. November 2020, one The teacher has lost 1 billion dong for being cheated by this fake App.
App hijacking
Another version of it is Trojan Banking. They are not disguised as an official bank application; and usually a completely unrelated application with the Trojan installed inside. When you install this app, the Trojan starts scanning your phone for banking apps.
When it detects a banking application is being launched, the malware quickly creates a window that looks identical to the one you just started. If this is done smoothly, users won’t notice the difference and they can enter their details in the fake login window. This information will be sent to the author of the malware.
Usually, these Trojans also need an SMS verification code to complete the hacking process. To do this, the Trojan usually asks for permission to read SMS during the installation process, so it can steal the OTP code when you visit.
How to protect yourself
When downloading an app from an app store (CHPlay, Appstore), keep track of how many downloads that app has. If it has a very low download count or no reviews, it’s most likely malware. And if you find a bank’s app is very popular but has low downloads, then it is definitely malware.
Similarly, be careful with what permissions you give apps. If a mobile game asks you for permission to read SMS without a satisfactory explanation, don’t grant the game permission. Never install apps from third-party websites, as they can potentially contain a lot of malware.
2. Phishing Scam
As the community gradually learns about bank account hacking tactics, hackers also change their phishing methods to be more trendy with fake links. One of their common bad tricks is hacking email and facebook accounts and sending phishing messages to our acquaintances.
What makes this hack so terrible is that it is very difficult to spot the scam. The email address is legitimate and the hacker can even talk to you on that behalf. This is exactly how one unfortunate home buyer lost £67,000.
How to protect yourself
Honestly, the best defense is to always be skeptical of the people around you. Especially those who borrow money, and you should not trust anyone too much by email. It’s best not to chat or pay via email, re-verify if the email sender has been hacked with familiar questions.
3. Keyloggers
This attack method is one of the gentlest ways a hacker can gain access to your bank account. Keyloggers is a type of malware that records what you are typing and sends them to hackers.
It sounds hard to believe, but imagine what would happen if you entered your bank’s web address followed by your username and password. Hackers will have all the information they need to get into your account. Keyloggers can even hack your email account and capture your screen.
How to protect yourself
Install one good antivirus program and make sure to check your system regularly. A good anti-virus software will detect the keylogger and delete it before it can do any damage to you.
If your bank supports two-factor authentication, keep it enabled at all times. This makes keyloggers a lot less effective, as hackers won’t be able to copy the OTP even if they get your credentials.
4. Man-in-the-Middle Attack
Sometimes, hackers will target the communications between you and your banking website to get your personal information. These attacks are known as Man-in-the-Middle (MITM) attacks, and the name says it all; that’s when a hacker intercepts communication between you and the banking service.
Typically, a MITM attack would involve an insecure server and analyze that server’s data. When you send your login details through this server, hackers will “sniff” your information and get them.
However, sometimes, hackers will use DNS cache poisoning to change the website you visit when entering the URL. Poisoned DNS cache means that when www.yourbankswebsite.com goes to a website owned by hackers. This website will look exactly like the real thing; If you’re not careful, you’ll give the fake website your login information.
How to protect yourself
Never perform any “sensitive” activity on a public or unsecured network. Use caution and use something more secure, such as home Wi-Fi or a VPN. Also, when you log into a sensitive website, always check HTTPS in the address bar. If not, chances are you’re looking at a fake website!
If you want to do sensitive activities over public Wi-Fi, why not take control of your own privacy? A VPN service encrypts your data before your computer sends it over Wifi. If anyone is monitoring your connection, they will only see the encrypted information. You can refer to the best VPN services here.
5. SIM Swapping
SMS authentication codes are one of the biggest problems for hackers. Unfortunately they now have a way to bypass the SMS verification code and they don’t even need your phone to do it!
To perform SIM Swapping, the hacker will contact your network provider, claiming to be you. They say they lost their phone and they want to transfer the old number (which is your current number) to their SIM.
If they succeed, network providers will strip your phone number from your SIM and put it on the hacker’s SIM. Abroad, this is much more dangerous because it involves social security numbers as well. In addition, the attack trick follows SS7 . protocol can also get OTP code from your SMS.
Once they have your number on the SIM, they can crack the SMS code easily. When they log into your bank account, the bank sends an SMS verification code to their phone, not yours. They can then log into your account unhindered and take all your assets.
How to protect yourself
Of course, mobile carriers often ask questions to check if the person requesting the transfer is who they say they are. Therefore, to perform SIM swap, scammers often collect your personal information to pass this test. Even then, some network providers loosely check SIM transfers, which allows hackers to easily perform the trick.
Always keep your personal information private to avoid someone spoofing your identity. Also, you should check that your mobile carrier is doing their part to protect you from SIM swapping. If you keep your details safe and your network provider is careful, hackers won’t have a chance to make SIM transfers.
In addition to the above methods, there are many more ways that hackers can hack your bank account. In short, the best way to prevent this is to keep your personal information at the safest level. If so, no one can hack you.