The National Information Technology Development Agency (NITDA) has raised the alarm over the resurgence of Grandoreiro, a banking malware that poses serious risks to financial security in Nigeria.
This malware spreads and can be downloaded to devices, email attachments, forged websites, or into, or reported as seemingly normal files in the infected PC as documents or updates on 9th Monday, 2024.
Read also: NITDA, TikTok push for online safety and digital literacy in Nigeria with “Safer Together” campaign
How Grandoreiro operates
The updated version of Grandoreiro employs highly advanced techniques to infiltrate user devices, steal sensitive information, and bypass security measures. The Grandoreiro banking malware uses several methods to steal personal and financial information:
Fake Screens: It invents and shows fake windows while patronising secure websites to capture usernames and passwords.
Device Takeover: Hud might also gain complete control of the device, and the banking accounts and other confidential information will be in their hands.
Stolen Credentials: It collects passwords and personal information, which hackers use to steal money or commit identity fraud.
Staying ahead of the threat: NITDA’s recommendations
To protect against Grandoreiro and similar cyber threats, NITDA advises the public to adopt these security practices:
Avoid phishing traps: Do not click on links or open attachments from emails from people you do not know or those you have not expected to send an email to you.
Download from trusted sources: Only install software from reputable websites and avoid suspicious links.
Enable Multi-Factor Authentication (MFA): Strengthen account security with additional verification steps.
Update security software: Regularly update antivirus and anti-malware programs and perform frequent scans.
Avoid public Wi-Fi: It is advisable not to transact financial matters through insecure networks; the best approach is to perform them under the security of a VPN.
Monitor bank statements. This will allow you to note unauthorised transactions early and take appropriate measures.
Read also: NITDA, Japanese agency launch iHatch Cohort 4 to empower 185 startups
Vigilance is key
NITDA has, therefore, urged people to remain alert, noting that threats are ever-emerging. All suspicious activities should be reported to the authorities, and CERRT is available for more help.NG, which stands for NITDA’s Computer Emergency Readiness and Response Team.
With cybercriminals becoming increasingly sophisticated, adhering to these preventive measures is essential to protect financial data and personal information from potential compromise.