Russians previously warned of the type of credit card fraud, based on the legal and popular TeamViewer program and its analogues. At the same time, unlawful actions do not occur automatically due to the presence of such a program on the smartphone, says Alexey Drozd, head of the SearchInform information security department. First, the fraudster convinces the victim to install this software on a smartphone, then he lures out the connection information – ID and password.
After that, the fraudster already uses TeamViewer functionality for remote control of the smartphone, says Maxim Fedyushkin, Kaspersky Fraud Prevention head of department. However, Gazprombank decided to insure against intruders taking control of the client’s phone. “We carefully studied the security policy of TeamViewer and similar applications. Unfortunately, they potentially pose a serious threat to the security of our customers’ funds. An attacker can use the application to gain access to the Internet bank – we regularly record such attempts, ”the bank said.
Nevertheless, Gazprombank is ready to meet its customers and “in some cases allow the use of TeamViewer to those who are willing to take risks.” As Nikolai Anisenya, head of the Positive Technologies Mobile Applications Security Research Group, points out, the effectiveness of this method can be described with the words “better than nothing.” However, it is worth remembering that in addition to Team Viewer, there are many other remote access applications to the screen, the presence of which also needs to be checked, the expert added.
However, most major players do not prohibit access to the mobile bank if remote access software is installed on the client’s device. “We do not use such schemes, but use antifraud based on the financial component of transactions,” said Vyacheslav Kasimov, director of the ICB’s information security department. Uralsib also said the same, they also explained that such activity, according to the bank, is necessary when protecting against malicious applications, but they have their own identifiers that can change at least for each individual user, therefore this protection method does not work practically in 100% of cases.