News by Keka Araújo New Smartphone Scam Targets Bank Accounts Via NFC Remember, your bank will NEVER contact you in this manner!







A wave of sophisticated cyberattacks, originating from China, is targeting iPhone and Android users across the U.S. and Europe, putting sensitive data and finances at substantial risk.

Security experts, including those at the cybersecurity threat intelligence company Cleafy, have uncovered a novel method that exploits Near-Field Communication (NFC) technology. Cleafy identifies this as a “significant new trend” posing a serious challenge to financial institutions.

The scam typically begins with an urgent text or WhatsApp message, crafted to mimic a bank security alert and warn of a suspicious outgoing payment. Victims are then urged to call a provided number to dispute the transaction.

Upon calling, victims are deceived into interacting with their banking app, confirming their PIN, and holding their bank card near their phone. This action enables attackers to remotely capture card details using NFC, which are subsequently used to conduct unauthorized contactless payments or cash withdrawals.

Cleafy’s analysis reveals that attackers often persuade victims to install a seemingly benign application, delivered via SMS or WhatsApp. Unbeknownst to the user, this application harbors malware that facilitates the NFC-relay attack. This remote exploitation of NFC, combined with the proliferation of text scams, enables attackers to operate at scale without requiring close physical proximity to their victims.

The FBI has issued warnings about similar fraudulent schemes, emphasizing that legitimate banks, tech support providers, and law enforcement agencies will not initiate contact with individuals in this manner. The FBI strongly advises that recipients of suspicious texts or emails use official channels to contact the relevant organization directly.

The crucial point, as with other scams, is that users must refrain from engaging with unsolicited calls or messages. Scammers are highly skilled at deception, and any interaction can result in a financial loss.

Remember, your bank will not contact you in this manner.

