New Banking Malware and Black Friday Scams Pose Threats

Just two weeks before Black Friday weekend, cybersecurity experts are sounding the alarm: a new generation of banking malware is threatening even encrypted communications. At the same time, banks are seeing a sharp increase in sophisticated online fraud schemes.

Dutch security firm ThreatFabric on thursday discovered a sophisticated Android Trojan called Starling. Unlike conventional malware, it does not directly attack banking apps – it infiltrates supposedly secure messengers like WhatsApp, Telegram and Signal.

the perfidious method: Sturnus bypasses end-to-end encryption by intercepting screen content, after it has been decrypted for the user. in fact, the malware is sitting right over the user’s shoulder.

Related to the topic of smartphone security: Many Android users overlook these 5 protective measures that protect against Trojans like Sturnus – from checking app sources to authorization checks. The free guide explains step by step how to use WhatsApp, Telegram & online banking safely and how to recognize unwanted access rights. Immediately actionable guidance for sideloading prevention and accessibility control. Download free android protection package now

“sturnus represents a complete and highly specialized threat,” warn ThreatFabric analysts in their report. The trojan is currently focused on financial institutions in southern and central Europe, but experts expect it to spread quickly.

The infection occurs via so-called “sideloading” – the installation of apps outside of the official Google Play Store. the Trojan masquerades as a legitimate application and requests “accessibility” access rights. Once granted, it records keystrokes, steals credentials and makes transfers unnoticed.

Crucial protective measure: Users should only install apps from official stores. Particular caution should be exercised when requesting permission for “accessibility” – legitimate apps almost never need this feature.

Ghost shops prey on Black Friday shoppers

Parallel to the malware threat, the number of classic scams is exploding. Australia’s National Bank (NAB) reported a 40 percent increase in goods and services fraud via social media on Wednesday.

Chris Sheehan, head of fraud investigations at NAB, warns of „Ghost stores” – deceptively real fake websites of well-known retailers.These often appear at the top of search results or social media feeds and lure people with supposedly sold-out products at bargain prices.

“Criminals are ramping up their activity and flooding