New payment-card scam involves a phone call, some malware and a personal tap

by

New payment-card scam involves a phone call, some malware and a personal tap

Financial institutions should be on alert for a new scam that merges social engineering, undiscovered malware, and the near-field communication (NFC) abilities of mobile phones to compromise payment cards. Researchers from Cleafy have uncovered this scheme, primarily targeting Android devices in Italy, which aims to steal money from unsuspecting individuals.

Source: Cleafy

Key Points

  • Fraudsters are using a sophisticated series of steps to scam victims via Android devices.
  • The malware, named SuperCard X, is connected to another malware previously reported, NGate, which targeted Czech banks.
  • The scam begins with a fraudulent text message impersonating a bank, prompting victims to follow a series of steps to “secure” their account.
  • Follow-up malware instructions include bringing a debit or credit card close to an infected phone, compromising card details through NFC without detection.
  • SuperCard X is being offered as a malware-as-a-service (MaaS) by Chinese-speaking hackers, indicating a wider operational reach beyond just Italy.

Why should I read this?

If you’re into safeguarding your finances, this article is a must-read! Not only does it shed light on a sneaky new scam that could affect anyone with a mobile payment card, but it also reveals how bad actors are creatively using technology against us. Trust me, you’ll want to arm yourself with this knowledge to stay one step ahead of the fraudsters!