The Wild West's guide
to mobile banking malware

Or how Jesse James would rob your banking details

Did you know?

Prior to 1900, fewer than 10 bank robberies took place in the "Wild West".

In contrast, there were over 4 million financial attacks on mobile phones in 2014 alone.

$0

one of the most successful bank
heists in the Wild West.

$0

stolen by Zeus in 2012,
a mobile banking Trojan.



Jesse James' 6-step guide to mobile banking theft

A look into tactics used by hardened banditos, gunslingers, and garden-variety hackers.

Step 1: The Plan

Outlaws identify vulnerabilities, then develop exploits. If they don’t have the skills, they hire a bounty hunter on the black market.

Step 2: The Gear

Long coats, bandanas and pistols are passé. Today phishing emails and infected websites are the weapons of choice to secretly install malware on victims' phones.

Step 3: The Setup

If distracting the Sheriff and Deputy at the local saloon fails, banditos wait until their victims access their online bank accounts, then steal passwords and usernames. With an accomplice – injected code, they secretly add fields to the banking portal, asking for mobile phone numbers.

E-Banking

Access

Step 4: The inside man

Outlaws need the critical combination key to the vault... So they then send an SMS to the phone number as if it came from the bank, telling their victim to install a 'security app'. This infected app intercepts SMS messages, including authorization codes from the bank.

Step 5: The Heist

No (virtual) guns blazing: outlaws have the username, password, and authentication code. They can now drain the bank account.

Step 6: The Getaway

There is no need for saddled horses waiting to whisk the gunslingers to safety. The mobile malware deletes itself without leaving a trace!

Protect yourself

Avira Vault

Shield your credit card details and confidential photos with Avira Vault for iOS.

Avira Antivirus

Secure yourself against mobile threats with Avira Antivirus Security for Android.

We got you covered

Identity Safeguard

Better than the telegraph – it alerts you if your data was leaked in a security breach.

Browser Safety

We check every site you access against our cloud database and block them before they load.

Antivirus Protection

We block all banking Trojans and infected apps from ever getting onto your phone.

AppLock

Password protect your sensitive apps.

Yell

Remotely trigger a yell to find a lost or misplaced phone.

Remote lock

Remotely lock your phone at any time.

Data Wipe

In case all else fails, remotely delete all your phone's data.

Locate

Pinpoint your phone's location on a map.

Prompt

Let the person who finds your phone contact you with one tap on the home screen.

Device Management

Administer your security from behind the bench (aka dashboard): from where you can remotely activate your remote anti-theft tools.