What do you know about Mobile Overlay attacks?

Today's ASK YOUR FRAUD EXPERT post is dedicated to Mobile Overlay attacks. Let's ask our Fraud Expert how to manage them.

What is a Mobile Overlay attack?

A Mobile Overlay attack is a widespread attack on Android mobile devices. Its goal is to use a Trojan to intercept the credentials for accessing a target application belonging to a popular online service (retail, payment, and banking).

How does it develop?

This type of malware stays installed and silent on the smartphone until the user starts an app that the attacker is targeting. At that point the malware activates, blocks the start of the original app, and overlays a fake view designed to mislead the user into entering credentials or credit card data into the malicious application.

How to manage it?

To protect services from Overlay attacks, it is necessary to define an endpoint defense strategy based on user behavior monitoring:
Detect and block the threat: identify the presence of an Overlay Trojan on the user's device before exposing sensitive information or functionalities;
Use strong, un-phishable authentication. Avoid allowing a user who has been misled to display their OTP code;
Detect behavioral anomalies in the interaction with the service that may suggest the operations were not requested by the legitimate user.
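
One way an app could implement the first point, checking the device for signs of an Overlay Trojan before showing a sensitive screen. This is an added example, not code from the original article or from XTN's product. It assumes, as a heuristic, that third-party apps with an enabled accessibility service or a SYSTEM_ALERT_WINDOW request are worth flagging; `OverlayRisk` and `collectOverlayRisk` are hypothetical names.

```kotlin
import android.accessibilityservice.AccessibilityServiceInfo
import android.content.Context
import android.content.pm.ApplicationInfo
import android.content.pm.PackageManager
import android.view.accessibility.AccessibilityManager

// Hypothetical helper (not from the article): on-device signals that an app
// could evaluate before showing its login or payment screen.
data class OverlayRisk(
    val accessibilityPackages: Set<String>, // third-party apps with an enabled accessibility service
    val overlayPackages: Set<String>        // third-party apps that request SYSTEM_ALERT_WINDOW
) {
    // A package present in both sets deserves the strongest reaction.
    val highRisk: Set<String> get() = accessibilityPackages intersect overlayPackages
}

// True for apps that are not part of the system image.
private fun ApplicationInfo?.isThirdParty(): Boolean =
    this != null && (flags and ApplicationInfo.FLAG_SYSTEM) == 0

fun collectOverlayRisk(context: Context): OverlayRisk {
    val own = context.packageName

    // Accessibility services the user has enabled, excluding system apps and ourselves.
    val am = context.getSystemService(Context.ACCESSIBILITY_SERVICE) as AccessibilityManager
    val a11y = am.getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK)
        .map { it.resolveInfo.serviceInfo }
        .filter { it.applicationInfo.isThirdParty() && it.packageName != own }
        .map { it.packageName }
        .toSet()

    // Apps that declare the "draw over other apps" permission. This records the
    // request only, not whether the user granted it. On Android 11+ the list is
    // filtered by package visibility rules, so an empty result is not proof of
    // a clean device.
    val overlay = context.packageManager
        .getInstalledPackages(PackageManager.GET_PERMISSIONS)
        .filter { it.applicationInfo.isThirdParty() && it.packageName != own }
        .filter { it.requestedPermissions?.contains("android.permission.SYSTEM_ALERT_WINDOW") == true }
        .map { it.packageName }
        .toSet()

    return OverlayRisk(a11y, overlay)
}
```

Treat the result as a risk signal for step-up authentication or server-side scoring rather than as proof of infection, since legitimate apps also use both capabilities.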

DON’T WORRY…ASK US FOR HELP!

XTN Cognitive Security Platform® allows you to protect your services from Mobile Overlay attacks.
