Nigerian Bank Issues Fresh Warning to Customers About Mobile Apps Used to Steal Banking Details
- Ecobank has issued a security advisory warning customers about fraudsters using fake mobile applications to steal banking credentials and intercept OTPs
- The bank identified fake sports betting, streaming, banking support, and phone update apps as common disguises used by cybercriminals
- Ecobank urged customers to download banking apps only from the Google Play Store or Apple App Store and to report all suspicious activity immediately
Ecobank has issued a security advisory urging its customers to exercise caution when downloading mobile applications, warning that cybercriminals are deploying fraudulent apps to gain unauthorised access to personal banking accounts.
The bank said fraudsters are circulating fake advertisements and pop-up prompts across social media platforms, websites, and messaging applications to lure users into installing malware-loaded apps.

Source: Getty Images
How the Malware Works
In a message to customers seen by Legit.ng on Thursday, July 16 the bank said these applications typically masquerade as legitimate tools, including sports betting platforms, live score apps, streaming services, utility programmes, banking support tools, and phone update installers.

Read also
100 channels available: FG unveils decoder, dish prices for FreeTV, scraps subscription prices
Once a user installs one of these fraudulent applications, the malware can seize control of the device without the customer's knowledge.
The bank explained that the software is capable of harvesting banking login credentials and transaction PINs, intercepting incoming SMS messages and one-time passwords (OTPs), and executing unauthorised transactions through the customer's registered mobile banking profile all without requiring the fraudster to change the registered device.
This last point is particularly concerning, as it means account holders may not receive the usual alerts associated with a new device login, making the fraud harder to detect early.
Safety Steps Ecobank Recommends
Ecobank outlined a series of protective measures customers should adopt immediately. The bank advised that banking applications must only be downloaded through official channels, specifically the Google Play Store or Apple App Store, and that no app should ever be installed via links shared through social media, emails, websites, or messaging platforms.
Customers were also told to treat any unexpected on-screen prompt requesting "system updates," "security verification," or similar actions with suspicion, as these are common tactics used to trick users into granting dangerous permissions.

Source: UGC
The advisory further recommended that customers periodically audit the applications installed on their devices, removing anything unfamiliar or no longer in use. Keeping device operating systems and security software updated was also stressed as a critical line of defence.
For anyone who notices unusual account activity or a transaction they did not authorise, Ecobank directed customers to disconnect the affected device from the internet immediately, contact their bank without delay, and formally report the incident.
The bank also requested that any suspected phishing messages or spam be forwarded to its dedicated reporting address at assist@ecobank.com.
Fraudsters steal N10 billion from Nigerian Bank
Earlier, Legit.ng reported that the Federal High Court in Abuja ordered the freezing of 818 bank accounts for an additional 30 days over an alleged N10 billion cyberattack on Hope Payment Service Bank.
The accounts were identified during a police investigation into the cyber heist and are suspected to have received proceeds from the attack.
The court granted the extension to enable investigators and the bank to trace and recover funds allegedly diverted through the affected accounts following the July cyberattack.
Source: Legit.ng

