PWA phishing on Android and iOS – Week in security with Tony Anscombe

Video

Phishing using PWAs? ESET Research’s latest discovery might just ruin some users’ assumptions about their preferred platform’s security

Hey there, curious minds! Ever heard of phishing using Progressive Web Apps (PWAs)? ESET researchers recently uncovered a unique phishing campaign targeting clients of a major Czech bank.

This sneaky technique involves installing a phishing application from a third-party website without the user explicitly allowing third-party app installation. How? Well, PWAs are essentially websites packaged to feel like standalone apps, complete with native system prompts.

For iOS users, this revelation might shake their confidence in the platform’s security. And on Android, it could lead to the quiet installation of a special type of APK, cleverly disguised to look like it’s from the Google Play store.

Curious to learn more about this eye-opening discovery? Check out Tony’s latest video below:

Stay connected with us on FacebookTwitterLinkedIn, and Instagram.

Leave a Reply

Your email address will not be published. Required fields are marked *