Skip to content

Recent FBI Warnings Show Cybercriminals’ Dual Emphasis on Developer and Consumer Targets

Man with binoculars looking at code

In less than three weeks, the FBI has issued two official warnings that highlight how cyber criminals are taking advantage of COVID-19 by extracting both personal and corporate data from unsuspecting Americans.

On June 10, 2020, the FBI released a PSA that cautioned consumers, businesses and mobile application developers that cyber criminals are routinely hacking mobile banking apps due to their increased use during the pandemic. Shortly after this announcement, On June 26, 2020, the FBI released another fraud alert warning of online schemes that solicited COVID-19 antibody tests designed to harvest personal information and not provide any actual service. 

Unprecedented Mobile App Vulnerabilities During COVID-19


That’s a double-whammy, and it’s a two-pronged approach that gives cybercriminals an edge they could have only dreamed of five months ago. Indeed, some banks have even increased limits that are usually tightly controlled within their mobile banking apps. One can only imagine how hackers are targeting non-banking apps in the same way. It’s an open cattle call in many respects – a reason for cyber criminals to target mobile apps they perhaps wouldn’t have bothered with just a few short weeks ago.

For example, small businesses mobile bank accounts can now accept check deposits in much larger quantities and amounts compared to before COVID-19. A company that may have been restricted to mobile check deposits amounting to $10,000 per day may now have a limit that allows for much more. Limits were raised to offer convenience and to counter the restricted retail bank locations and hours, but it also opens the door for dramatically larger fraud opportunities – not because of the increased limits, but because people are using the app more often, and without any increased security. This means that almost overnight, mobile banking apps have become a much more appealing target for hackers.

As App Usage Skyrockets, So Do Cyberattacks


It’s the perfect storm for criminals willing to look for poorly protected mobile apps that can be easily targeted due to overarching bugs – which don’t require the tedious task of hacking an individual’s password or account. If you master the ability to exploit bugs in an app used by many, it’s a far easier task than going after individuals. During this COVID-19 pandemic, the consumer should be cautious, but the developer of mobile apps should be doubly concerned. Developers’ reputation for privacy and safety is at stake. Trust makes all the difference between a loyal customer base and one that leaves in droves as the result of scary data breaches.

By now, we’ve all heard about the need for social distancing. But for years, we’ve been warned about social engineering online – where criminals try to draw you in with seemingly helpful scams that are anything but. Social distancing is a truly necessary practice that can potentially save lives, but we are seeing criminals take advantage of people in isolation to gain the upper hand. Hackers are targeting mobile apps at an unprecedented rate because we’re using them more and more to make our lives convenient during the pandemic.

Mobile app developers must realize that a focus on app security should be at the forefront of their efforts in order to avoid transforming their users into victims. The more unappealing developers can make their apps for hackers, the better. There are numerous tools and methods for App Protection that will make it more difficult for criminals to exploit vulnerabilities. Book a call with a security expert to discuss your needs and learn more about how to safeguard your app, reputation, and your users with trusted solutions.

Do you have questions about applications and content security?

Book a call with one of our experts

Want to keep up with Verimatrix news?

Sign up to the newsletter

Recent Posts

5 Misconceptions of Root Detection

Most mobile security architects and app development are aware of the dangers of running their apps on rooted devices (or Jailbroken in iOS terminology). At

Streamkeeper Named a Product of the Year

Streamkeeper Named a Product of the Year

Verimatrix Streamkeeper was recently awarded a bronze in the Enterprise Product of the Year – Security Software category of the 2022 Best in Biz Awards…
5 Misconceptions of Root Detection

5 Misconceptions of Root Detection

Most mobile security architects and app development are aware of the dangers of running their apps on rooted devices (or Jailbroken in iOS terminology). At…

Hacia una defensa proactiva contra amenazas en aplicaciones móviles

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a standard security measure to protect IT systems from bots and other…
Want to take a deep dive?

Connect with us