In recent years, banking scams have evolved, with increasingly sophisticated techniques that use technology to bypass security systems. One example is the new "Czech Republic scam", which in 2023 was carried out with great success in Czechia thanks to the use of the NGate malware. The "script" followed by the scammers is complex and effective: to steal money directly from the victim's current account through an ATM withdrawal (without using the card), the criminals send a message to the potential victim who, if they open the link it contains, will install the malware on their Android smartphone. The malware allows the scammers to obtain the card data and exploit NFC (Near Field Communication) technology to clone it. Security experts at ESET are raising the alarm and suggest paying the utmost attention to your online activities to protect yourself, remembering that you should not open suspicious links, as banks and credit institutions do not encourage you to carry out such actions.
How the Czech Republic scam works
The new "Czech Republic scam", so nicknamed by journalists because of its success in Czechia, could, according to cybersecurity experts, also be "exported" to other geographical areas, including Italy. Understanding how it works is the starting point for defending against it.
It all starts with a message, delivered via SMS or via instant messaging apps (such as WhatsApp and Telegram), which may appear to come from a bank. The message invites you to open a link: if the user agrees, the NGate malware installation is started on the victim's Android smartphone. Regarding the malware, Lukáš Štefanko, Senior Malware Researcher at ESET, reported:
We have never seen this NFC redirection technique in any previously discovered Android malware. The technique relies on a tool called NFCGate, designed by students at the Technical University of Darmstadt, Germany, to capture, analyze, or alter NFC traffic; that’s why we called this new malware family NGate.
Once the malware is installed on the victim's device, it begins stealing payment card data stored on the smartphone. With the malware, scammers can intercept NFC data, which is normally used for contactless payments, and transfer it to their own devices, thus emulating physical cards. This allows them to make ATM withdrawals in "cardless" mode, that is, without having to insert the physical card into the ATM. Alternatively, if the direct withdrawal is unsuccessful, scammers also have the option of transferring sums of money from the victims' accounts to accounts in their own name or those of their accomplices, thus evading the banks' own security controls.
One of the most worrying aspects of this scam is its ability to target a wide range of people, regardless of age or technological skills. While in the past scammers focused mainly on older or less experienced people, today anyone can fall victim to a well-orchestrated attack. In fact, one click on a wrong link is enough to compromise the entire security system of your smartphone and, consequently, your bank account.
How to protect yourself from the Czech Republic scam
Now, let's get to the heart of the matter: how to protect yourself from the Czech Republic scam. The expert Lukáš Štefanko answers this question, suggesting:
Protecting against complex attacks like these requires using proactive measures against phishing, social engineering and Android malware. This means checking website URLs, downloading apps only from official stores, keeping PIN codes secret, using security apps on phones, turning off the NFC function when it is not necessary, and using protective cases or virtual cards protected by authentication.
It is also important to remember that banks or other financial institutions will never ask for sensitive data through WhatsApp messages, SMS, emails, etc. Therefore, do not open links from contacts that pretend to be your bank for any reason.