Thieves In Brazil Steal iPhones Just To Access Banking Info

Thieves In Brazil Steal iPhones Just To Access Banking Info

June 17, 2021 at 08:52PM

If someone swipes your phone in Sao Paulo, you might soon find yourself with much bigger things to worry about than buying a new mobile device.

That’s because thieves in Brazil’s largest city have begun swiping iPhones, and then using them to break into owners’ bank accounts, rather than simply reselling the phones, 9to5Mac reported.

The trend began with the pandemic and has only gotten worse, according to the report, which cited Brazilian newspaper Folha de S.Paulo. The story tells of iPhone 11 and iPhone XR users discovering their phones stolen, their devices unlocked and their bank accounts hacked.

Procon-SP, a Brazilian consumer protection agency, is preparing to take action against companies like Apple, banks and other smartphone makers, the report stated.

“Procon already acknowledged … a gang of cellphone receivers whose main illegal business is not the resale of cellphones, but the defrauding of passwords for bank fraud,” said Executive Director Fernando Capez, according to the report. “This is being done through an army of hackers.”

Added Police Chief Roberto Monteiro in the report: “Robbers noticed how much information people put in their phones. Usually, Waze users in the car with an Android smartphone are their main focus. Although breaking an iOS system is more difficult, they have also specialized in it.”

What investigators have yet to figure out is how criminals are getting past iOS and bank security, let alone a locked phone, 9to5Mac reported.

FinTech Nubank and Itaú Unibanco, the largest banking institution in Latin America, said they routinely work in security patches and stress the importance of updating apps and smartphones, according to the report.

And the Brazilian Bank Federation said all bank apps are secured, from the moment of development to the time they’re put into use, the report stated.

“In order for banking applications to be used, the use of the customer’s personal password is mandatory,” the federation said, according to the report. “The application’s usage data, as well as the customer’s password, are never stored by the bank’s applications on the customers’ cellphones.”

Banking apps walk a fine line when balancing user experience and digital security, making the goal for “intelligent friction” a challenging one to read, PYMNTS reported earlier this year.