People often wonder whether it’s safe to use mobile banking apps, worrying about the security risks that come with their convenience. Those who do not install mobile banking apps for security reasons can now point to specific evidence that shows their vulnerability to exploitation.

Consumers are repeatedly told only to install apps on our phones from trusted sources like official app stores. It has now come to light that hundreds of apps on the offical app store for Android Phones, Google Play, have been infected with a trojan known as “BankBot”.

This trojan gets onto your phone alongside legitimate apps. Trojans are so named because of the famous trojan horse. They are a secret payload hiding within something else.

An app that is not intended to be malware can be compromised so that it includes the unwanted software. Once installed, the trojan hides in the background, and can intercept any information you receive, input or hold on your phone.

The trojan is specifically designed to steal online banking details. It tracks when you launch an online banking app, and loads a form on top of your login screen to capture your credentials. Your app will still work as normal, and there will be no indication that anything is wrong, or that your online banking login details have been captured by cyber criminals.

As the malware can also intercept text messages, it can bypass the two factor authentication checks banks use, often using a code contained in a text message as the second authentication factor.

It’s Not 100% Safe to Bank on my Mobile Device – What Can I Do About it?

For many of us, mobile banking apps are now part of our way of life. To stop using them because other apps may compromise security means we’re allowing criminals to rule us. There are precautions we can take to reduce risk, and still gain the convenience of mobile banking apps.

Only downloading widely known and trusted apps will reduce your risk. These apps are updated often (each update would remove any infection), and are likely to be harder for criminals to infect.

Installing antivirus on your phone, such as Webroot, will help to protect your device. The premium version of webroot includes an app inspector, in addition to its other security benefits. The app inspector scans apps for malicious code and malware, and because the platform is cloud based it won’t slow your device down and you’ll always be protected against the most recent threats.

Unfortunately, many people don’t realise they can get malware on their phone – so they don’t even consider antivirus for it, even though they would always install it on a PC.