Online banking trojan attacks Windows Mobile smartphones
According to reports from F-Secure and Kaspersky, fraudsters are using a special trojan for smartphones to target users who use mTANs for online banking. As well as a Symbian version, there is now a version which specifically targets Windows Mobile.
It uses the same trick as the September wave of trojans which targeted Symbian mobiles. After infecting a PC, the Zeus trojan displays additional fields on online banking web sites, into which the victim is requested to enter the number and make of his or her mobile phone. The victim then receives a text containing a URL for what claims to be a certificate update. After installation, this turns out to be a trojan which secretly forwards texts containing mTANs to a phone number in the UK.
Anyone installing software onto a smartphone should always check that it comes from a trusted source. Web sites accessed via a link contained in an email or text message by definition do not fall into this category.
- Security on Symbian mobiles: Early signs of crumbling, a report from The H.
- Manipulated Nokia phones intercept SMS, a report from The H.