If you use one of the billion-plus Android devices around the world, you know Google's mobile operating system has been by hit by some serious malware the past year. One of the worst was called Stagefright, which allowed hackers to take over your Android device just by having you open a text or downloading an infected application.
Now, Android devices are vulnerable to a Trojan used by hackers to steal your banking credentials. They create phony apps designed to look like apps from financial companies and mobile payment companies in North America, Europe, Australia and elsewhere.
The SlemBunk Trojan works this way. You'll see a fake app for Adobe Flash Player, Facebook's messenger app WhatsApp, or others. It will request that you give it permission to be the device administrator. If you do, its fake app icons disappear, but continue to run in the background.
When you open your financial company's app, or mobile payment app, the malware then asks you to input your user credentials. In some cases, you're asked to input your credentials twice.
Note: Never click on links or open apps that you didn't personally visit or request.