Check your phone! Your bank is the target

I’ve got some urgent news you need to pay attention to. The nefarious Xenomorph Android malware I told you about in February is back in full force — and it’s targeting a whopping 100+ banking and crypto apps. Yeah, that’s just about all the major ones.

The Trojan (like the horse) is now even stealthier. The upgraded Xenomorph is launching a fresh assault on Android users — and there’s a tricky way it’s worming in: Through fake updates.

Get out of here, copycat

Xenomorph uses overlays to make you think you’re logging into your banking or crypto app — then uses details you provided to drain your account. You think everything is fine until you find all your money or crypto wiped out.

How is it spreading? This is interesting. Scammers have a new weapon of choice: Sites that fool you into thinking Chrome needs an update. What you end up downloading is a malicious file loaded with malware. 

Guess which apps are in the crosshairs? 

  • We’re talking major players here like Chase, Citi, Bank of America, Capital One, PNC, Santander, TD Bank and Wells Fargo. 
  • On the crypto side, Coinbase, Binance and MetaMask aren’t safe. 

The cherry on top? The overlays this malware uses to trick you can differ based on your physical location. Not a one-trick pony.

Be on high alert, keep your apps updated, and whatever you do, don’t fall for sketchy Upgrade Chrome messages. Always double-check sources and stick with the official Apple App Store and Google Play Store for downloads. 

My words of wisdom: To update your browser, you only need to shut it down and restart. Updates are auto-installed. Don’t trust any site that tells you it’s the place to score the latest version — or tries to convince you that downloading a file is necessary to update your browser.

Stay smart, stay safe and keep those digital shields up! I’ll do my very best to keep you in the loop. Share this critical info you won’t find at the big news sites with someone you care about.

Tired of scam phone calls? Here are the top fake numbers and their associated scams

Are there certain numbers you never answer? If I see one that starts with the same few digits as mine, I know it’s likely a scam. That’s one of the tricks they use to get you since you’re most likely to answer if the number is vaguely familiar.

Continue reading

Wells Fargo fires employees for faking work

Open/download audio

Over a dozen workers were caught faking keyboard activity and using mouse jigglers to look busy. Plus, CVS recalls 133 medications, the controversial Windows Recall faces a delay, and a must-know site for those wary of flying Boeing planes.

Bank apps — How they know you are YOU

Strong, unique passwords are the least you can do to protect online accounts. Here’s a primer to get you started. While two-factor authentication (2FA) is becoming a common security step for apps and services, some industries have yet to adopt it.

Continue reading

Convincing bank text scam could cost you thousands

Online banking is convenient and safe as long as you take some precautions. While it’s nice to avoid standing in long lines waiting for a teller, there’s always the chance for hackers and scammers to get involved. Tap or click here for three online banking mistakes putting your money at risk.

Continue reading

New phishing scams targeting your bank account

Your personal information is precious to cybercriminals, but they also want to make some hard cash. When they are not selling malware or sensitive data on the Dark Web, many work on financial phishing scams.

While the tactics often vary, the end goal is to steal as much of your money as possible. And it’s not just one bank’s customers who are targeted. Over the last few months, many scams used fraudulent details for almost every bank in the U.S.

Continue reading