The popularity of electronic payments has been steadily increasing in recent years.
According to a recent US federal reserve survey, cash payments accounted for only 26% of all payments in 2019, while for the remaining 64% used credit and debit cards and electronic payment methods.
Meanwhile, the COVID-19 pandemic has brought with it drastic changes in the way we do our shopping: e-commerce is facing increasing demand —because governments are restricting people’s interaction to limit the spread of the virus— and because by quarantine we are doing most of our shopping on the Internet.
And as we make our payments more and more cashless, new mobile payment products and methods have been created. “Apple Pay”, “Google Pay”, “PayPal”, “Venmo” and “WeChat Pay” have emerged as the most popular mobile payment applications.
However, mobile shopping can be risky.
Experts from ESET, the global cybersecurity company, show us some of the key risks and ways in which we can be deceived; and advise us on what we can do to protect ourselves.
One of the biggest risks you face is the loss of your device; and that’s because some of your most sensitive information and transaction data are found on your mobile device, if you use apps for mobile payments.
If you don’t lock your phone properly, criminals can charge your cards, or use your apps to make purchases. In addition to ending up with either an empty bank account or overloaded cards, this can damage your creditability, which can make it difficult to get a loan or mortgage in the future.
Smartphones, like other devices, can be “infected” by malware; depending on the type of software, cybercriminals can perform various kinds of malicious activities. The “keyloggers” e.g. can record and transmit to cybercriminals the keystrokes you make on your mobile phone, allowing them to obtain the passwords or account credentials you use in payment applications.
Another thing cybercriminals can do is develop fake apps disguised as something else to attack the payment apps you use. For example, ESET researchers discovered a trojan disguised as a tool that improves mobile battery performance, which targets users of the official “PayPal” app and tries to transfer 1,000 euros to the attacker’s accounts.
Don’t deceive me
In addition to stealing your “smartphone” or trying to infect it with malware, cybercriminals rely on other, more traditional means to “lighten” your wallet. They rely on cyber-crime; for example, cybercriminals can pretend to be someone you may already know and ask you for help dealing with an emergency.
The scammer can also access your contact list and pretend to be someone you’ve already sent money, using an app for mobile payments.
Cybercriminals can also resort to more common ways of cheating. They can, for example, use dating apps to build a relationship and then try to extract money from their victims, giving various reasons, such as urgently needing money to pay hospital costs.
Another popular tactic is scams through contests, or prizes; here the prospective victims will be informed that they have won a huge prize; however, to receive it they will have to pay a transaction fee. Of course, they will never receive the “incredible” prize from the fictional contest in which they never participated, and they will probably never receive the “payment receipt” back.
There are also phishing attacks, where scammers fake the company that uses the app for mobile payments.
Fake websites created by scammers try to trick victims into revealing their account password, and being able to empty accounts or sell login details to others.
How to protect yourself
The first line of defense to protect you and your money is to activate all security measures offered by your phone. These include activating a combination of biometric lock (face scan, retina scan, fingerprint scan) and lock code.
Once you do this, it’s difficult for someone to break into your phone, or use apps for mobile payments. That’s because every time you want to access them, or make a transaction or buy something, the device will ask you to verify your identity. However, there is one point to watch out for: depending on the country, payments up to a certain limit do not require verification of your personal information.
Also, both “Android” and “Apple” devices support “finding my phone” features, which allow you to turn off your phone remotely if you lose it or steal it from you… and may even allow you to delete the data of a lost device remotely.
In addition, most payment apps allow you to enable additional security features —such as two-factor authentication— that you’ll need to activate immediately if you haven’t already.
You can also lock applications with additional security measures —such as biometric locks and codes— and you can enable the same security measures for transactions.
You’ll also need to turn on transaction or payment notifications. Then, if suspicious activity occurs, you will be notified (almost) in real time.
To avoid downloading malicious apps that target your wallet, it’s necessary to always check what you’re installing on your phone, so you don’t install a malicious app disguised as something else.
A good rule is to also check application permissions.
Last but not least, consider using mobile security software to protect yourself from the majority of threats and stop malicious activities. An added advantage is that fully equipped security products have protection for banking and payment applications.
(Συνολικές Επισκέψεις: / Total Visits: 14)
(Σημερινές Επισκέψεις: / Today's Visits: 1)