Facebook Messenger Used To Spread Banking Trojan

Facebook Messenger Used To Spread Banking Trojan

Facebook Messenger is one of the most popular messaging apps in the world, with over 1 billion monthly active users. Unfortunately, its huge user base also makes it an attractive target for cybercriminals looking to spread malware and steal personal data. One trend that has emerged is the use of Messenger to propagate banking trojans – a type of malware designed to steal online banking credentials and financial information.

What Is A Banking Trojan?

A banking trojan is a type of malware that is designed to steal confidential data related to online banking and financial accounts. It operates by infecting a victim’s device and monitoring their activity. When the user accesses online banking sites or financial applications, the trojan can record keystrokes, take screenshots and video, and steal login credentials.

Some capabilities of banking trojans include:

  • Keylogging to record sensitive information entered by the victim
  • Form grabbing to harvest login credentials and account numbers
  • Taking screen captures of banking activity
  • Redirecting banking transactions and altering amounts
  • Injecting fake login pages to trick users

Banking trojans are a lucrative business for cybercriminals, as the stolen financial data can be used for activities like unapproved wire transfers, opening fraudulent accounts, and stealing directly from bank balances. Losses can easily run into the thousands or millions.

How Messenger Is Used To Spread Banking Trojans

Cybercriminals have become adept at leveraging Facebook Messenger for malware distribution and banking fraud:

Social Engineering Schemes

Messages containing social engineering tricks are sent to unsuspecting users to infect devices or steal credentials:

  • Links to fake banking pages asking users to “verify account activity”
  • Messages warning of “unauthorized charges” with a malicious attachment
  • Requests for sensitive information like account numbers or passwords

Malicious Links

Messages will contain malicious links that download trojans and other malware:

  • Shortened URLs that redirect to trojan download pages
  • Links to phishing sites that mimic bank login pages
  • Links that automatically trigger downloads of infected files

Infected Attachments

Infected attachments sent via Messenger contain embedded trojans:

  • Invoice or receipt files that carry banking malware
  • Malicious PDFs or Office documents
  • Image files that trigger malware downloads when opened

Messenger Bots

Hackers create Messenger bots that distribute banking malware:

  • Bots engage users in conversation using natural language processing
  • After gaining trust, bots send links or files containing trojans
  • Legitimate-looking bots focused on banking, financial tips, etc.

Protecting Yourself from Banking Trojans on Messenger

Here are some tips to avoid falling victim to banking trojan scams on Facebook Messenger:

Be Wary of Unsolicited Messages

Never open links or attachments from random or unknown contacts – common sense but critical. Cybercriminals often pretend to be someone you know.

Check Sender Profiles

Scrutinize a messenger contact’s profile before engaging. Scammers use fake accounts with no profile pic, minimal connections, etc.

Avoid Mobile App Links

Only install mobile apps from official app stores like Google Play. Ignore unauthorized app links sent via Messenger.

Use Security Tools

Antivirus software and internet security suites can detect and block many banking trojans and phishing URLs.

Monitor Accounts Frequently

Carefully monitor financial accounts after accessing via Messenger. Watch for fraudulent transactions indicating theft.

Staying vigilant on Messenger and using secure banking practices can help mitigate the risk of banking trojan infections. But user awareness is the best defense against this prominent social engineering threat.

Facebook
Pinterest
Twitter
LinkedIn

Newsletter

Signup our newsletter to get update information, news, insight or promotions.

Latest Post