Re: Mobile banking: alarm as fraudsters take over handsets and raid accounts

micky <NONONOmisc07@fmguy.com> wrote:

In comp.mobile.android, on Sat, 13 Jul 2024 18:45:12 -0000 (UTC), Chris
<ithinkiam@gmail.com> wrote:
 

David Wade <dave@g4ugm.invalid> wrote:

On 13/07/2024 15:17, Jörg Lorenz wrote:

On 13.07.24 15:42, Andy Burns wrote:

Jörg Lorenz wrote:
 

The article is extremely unspecific how the accounts/mobiles were taken
over. Not very helpful.

 
Snatch the unlocked phone from the user's hands.  Bonus points if they
can trick the owner into unlocking it, and then snatching it

 
Seriously?
 

 
Well that lets you onto the phone but most banking apps require the user
re-authenticate after switching to a different app. I suppose you can

 
That's a no-brainer.  Just snatch the phone when he's using the banking
app.

How would a thief know?

then reset access to the passwords.

 
Most people use the same passcode on the lock screen as for (banking) apps

 
Really?  I would never do that.  If I had a phone passcode it would be
different from all the others.  The bank password is the same as on the
PC, of course, where it was set a decade or more before there were
smartphones.

Not the same thing. Bank apps ask you to set a PIN as an added level of
security. People are lazy and don't want to remember another PIN so use the
same one as the phone lock screen.

so the thief videos you typing in your code and then steals the phone. Now
they get access to your phone AND money.