
Mobile phishing attacks are evolving, and cybercriminals have found a new way to target iOS and Android users. Have you heard about the latest tactic using Progressive Web Applications (PWAs) and WebAPKs? These are no ordinary apps—they’re designed to mimic legitimate banking software, making it easier for hackers to steal your login credentials.
So, how does this scam work?
On iOS, users are tricked into adding a PWA to their home screens. These PWAs look like stand-alone apps, but they’re actually web applications packaged to look and feel like native ones. On Android, the threat is even more sophisticated. Hackers use WebAPKs, apps that appear to have been installed directly from Google Play. Installing them doesn’t trigger any security warnings, even if you haven’t enabled third-party installations.
Imagine opening what seems to be your trusted banking app, only to unknowingly enter your login details into a phishing page. That’s exactly what happens with these fraudulent apps. The moment you submit your credentials, they’re sent directly to the attackers’ command-and-control servers.
This new method isn’t just theory—it’s happening now. ESET, a leading cybersecurity firm, uncovered this threat, which has been active since late 2023. Initially, the attacks targeted mobile banking users in the Czech Republic, but they’ve since expanded to Hungary and Georgia.
What makes this attack even more dangerous is its delivery method. Hackers are using a mix of automated voice calls, social media ads, and SMS messages to distribute links to these malicious apps. The fake apps are designed to look like they come from official sources like Google Play or the Apple Store. Once installed, the app’s icon appears on your home screen, ready to lure you into entering your sensitive banking information.
The worst part? These attacks are incredibly hard to detect. The apps are almost indistinguishable from legitimate ones, and cybersecurity experts warn that more of these copycat applications may be on the way.
What can you do to protect yourself?
- Be cautious with app installations: Always double-check the source of any app you’re prompted to install. If something feels off, it probably is.
- Stay updated: Regularly update your mobile device’s operating system and security features.
- Use cybersecurity tools: Consider adding an extra layer of protection with trusted anti-malware software.
Don’t wait until it’s too late. Cyber Safe Business can help you safeguard your digital life. Reach out to us today for a personalized cybersecurity assessment and ensure your mobile devices are protected against the latest threats.
Stay safe, stay secure.