ESET Research Discovers Uncommon Phishing Campaign Targeting Mobile Users and Prominent Czech Bank Clients
ESET Research has uncovered a sophisticated phishing campaign targeting mobile users, with a particular focus on clients of a major Czech bank. The campaign's technique installs a phishing application from a third-party website without the user’s explicit permission, posing a significant threat to both Android and iPhone (iOS) users.
The phishing websites targeting iOS devices prompt victims to add a Progressive Web Application (PWA) to their home screens, while on Android, the PWA is installed after confirming custom pop-ups in the browser. These phishing apps closely resemble legitimate banking apps, making it difficult for users to distinguish between the two.
The use of PWAs allows these phishing campaigns to target users across different operating systems, presenting a new challenge for cybersecurity experts. ESET analysts working on the ESET Brand Intelligence Service in Czechia observed this novel technique, which has the potential to bypass traditional security measures.
Furthermore, the phishing campaign utilized various delivery mechanisms, including automated voice calls, SMS messages, and social media malvertising. By leveraging these tactics, the threat actors were able to reach a wide audience and deceive unsuspecting users into divulging sensitive information.
The discovery of multiple phishing campaigns using different URL delivery methods highlights the sophistication of these attacks. ESET researcher Jakub Osmani emphasized the importance of remaining vigilant and cautious when interacting with unfamiliar links or applications, especially on mobile devices.
Overall, this latest phishing campaign underscores the evolving nature of cyber threats and the need for robust security measures to protect mobile users from falling victim to such sophisticated attacks.