Given how much information is stored on our mobile devices, it's no surprise that scammers have chosen to target these devices in their ongoing efforts to steal money and data. The latest threat to Android devices is a phishing app called Acecard that gets downloaded with certain legitimate apps. It then gathers information from your banking apps, or other common programs like Facebook, Twitter, Instagram, WhatsApp, Skype, PayPal, and Gmail. This sneaky Trojan uses overlays, which are sign-in screens that look just like the ones you'd expect to see for the real apps. With overlays, the scammers capture your login or credit card information and use this data to steal from you directly or sell to others.
Acecard has been in use since 2014, but activity picked up in the second half of 2015, when experts noted 6,000 attacks in countries across the globe. Experts say different versions of the Trojan have been developed, becoming more of a threat over time.
Fortunately, there are steps you can take to avoid such attacks:
Note that Acecard is often disguised as a Flash Player, which is no longer used by Android. Don't download anything that includes Flash as part of the package.
Avoid downloading anything from third-party sources.
Even on Google Store, only download apps from reputable sources, and avoid downloading any app you don't really need.
Pay attention to the permissions each app asks for, and don't agree to anything that seems suspicious.
Use a security app such as Kaspersky Internet Security, which offers free basic protection.
Remember, by being careful, you can outsmart the scammers.
©2016 Cornerstone Publishing Group Inc.
Source: Safeguarding Our Customers