Asaf Ashkenazi
Asaf Ashkenazi
Jul 14, 2020

 

In less than three weeks, the FBI has issued two official warnings that highlight how cyber criminals are taking advantage of COVID-19 by extracting both personal and corporate data from unsuspecting Americans.

On June 10, 2020, the FBI released a PSA that cautioned consumers, businesses and mobile application developers that cyber criminals are routinely hacking mobile banking apps due to their increased use during the pandemic. Shortly after this announcement, On June 26, 2020, the FBI released another fraud alert warning of online schemes that solicited COVID-19 antibody tests designed to harvest personal information and not provide any actual service.  

 

Unprecedented Mobile App Vulnerabilities During COVID-19

 

That’s a double-whammy, and it’s a two-pronged approach that gives cybercriminals an edge they could have only dreamed of five months ago. Indeed, some banks have even increased limits that are usually tightly controlled within their mobile banking apps. One can only imagine how hackers are targeting non-banking apps in the same way. It’s an open cattle call in many respects – a reason for cyber criminals to target mobile apps they perhaps wouldn’t have bothered with just a few short weeks ago.

For example, small businesses mobile bank accounts can now accept check deposits in much larger quantities and amounts compared to before COVID-19. A company that may have been restricted to mobile check deposits amounting to $10,000 per day may now have a limit that allows for much more. Limits were raised to offer convenience and to counter the restricted retail bank locations and hours, but it also opens the door for dramatically larger fraud opportunities – not because of the increased limits, but because people are using the app more often, and without any increased security. This means that almost overnight, mobile banking apps have become a much more appealing target for hackers.

 

As App Usage Skyrockets, So Do Cyberattacks

 

It’s the perfect storm for criminals willing to look for poorly protected mobile apps that can be easily targeted due to overarching bugs – which don't require the tedious task of hacking an individual’s password or account. If you master the ability to exploit bugs in an app used by many, it’s a far easier task than going after individuals. During this COVID-19 pandemic, the consumer should be cautious, but the developer of mobile apps should be doubly concerned. Developers' reputation for privacy and safety is at stake. Trust makes all the difference between a loyal customer base and one that leaves in droves as the result of scary data breaches.

By now, we’ve all heard about the need for social distancing. But for years, we've been warned about social engineering online – where criminals try to draw you in with seemingly helpful scams that are anything but. Social distancing is a truly necessary practice that can potentially save lives, but we are seeing criminals take advantage of people in isolation to gain the upper hand. Hackers are targeting mobile apps at an unprecedented rate because we’re using them more and more to make our lives convenient during the pandemic.

Mobile app developers must realize that a focus on app security should be at the forefront of their efforts in order to avoid transforming their users into victims. The more unappealing developers can make their apps for hackers, the better. There are numerous tools and methods for App Protection that will make it more difficult for criminals to exploit vulnerabilities. Book a call with a security expert to discuss your needs and learn more about how to safeguard your app, reputation, and your users with trusted solutions.

 

Sources

FBI: FBI Warns of Potential Fraud in Antibody Testing for COVID-19 

FBI: Increased Use of Mobile Banking Apps Could Lead to Exploitation