The phishing websites targeting iOS instruct victims to add a Progressive Web Application (PWA) to their home-screens, while on Android the PWA is installed after confirming custom pop-ups in the browser.
At this point, on both operating systems, these phishing apps are largely indistinguishable from the real banking apps that they mimic.
This crucial installation step bypasses traditional browser warnings of 'installing unknown apps': this is the default behavior of Chrome's WebAPK technology, which is abused by the attackers.
These websites are distributed via automated voice calls, SMS messages, and social media malvertising via Facebook and Instagram.
[
Collection
]
[
|
...
]