- Rogue banking apps are illegitimate or “look alike” banking apps with embedded malware with an intention to steal sensitive/critical data or banking credentials. These may be generally available online as freeware
- Cyber criminals are known to imitate legitimate versions of apps and embed them with mobile malware – an act called Trojanizing. These malicious apps are designed to look like real mobile banking apps. Cybercriminals use different tricks like using the same images and icons and closely imitating the publisher’s name
Safe Banking › Channel ›Mobile Banking
Mobile Banking Safety Tips & Measures
Mobile Banking Safety Tips
With Mobile Banking, your banking and financial transactions are at your fingertips.
Here are some precautions for safe and secure mobile banking
- Set up a Pin/password to access the handset menu on your mobile phone
- Register/ update your mobile number and e-mail ID for alerts to keep track of your banking transactions.
- Delete junk message and chain messages regularly
- Do not follow any URL in message that you are not sure about
- If you have to share your mobile with anyone else or send it for repair/maintenance
- Clear the browsing history
- Clear cache and temporary files stored in the memory as they may contain your account numbers and other sensitive information
- Block your mobile banking applications by contacting your bank. You can unblock them when you get the mobile back
- Clear the browsing history
- Do not save confidential information such as your debit/credit card numbers,CVV numbers or PIN's on your mobile phone
- Do not part with confidential information received from your bank on your mobile
- Install an effective mobile anti-malware/anti-virus software on your smartphone and keep it updated
- Keep your mobile's operating system and applications, including the browser, updated with the latest security patches and upgrades
- Password-protect your mobile device to protect against unauthorised access. Set up a Pin/password that is difficult to crack
- Do not enable auto-fill or save user IDs or passwords for mobile banking online
- If possible, maximise the security features by enabling encryption, remote wipe and location tracking on device
- Never leave your mobile phone unattended
- Turn off wireless device services such as Wi-Fi, Bluetooth and GPS when they are not being used. The Bluetooth can be set up in invisible mode
- Avoid using unsecured Wi-Fi, public or shared networks
- Do not use "jailbroken" or "rooted" devices for online banking. Jailbreaking or rooting a device (the process of breaking into the phone's built-in operating system to control it outside the vendor's original intention) exposes the device to additional malware and gains administrative or privileged access of OS
- Only download apps from official app stores such as Apple iTunes, Android Marketplace, Google Play Store and BlackBerry App World
- Never disclose personal information or online banking credentials via e-mail or text message as these can be used for identity theft
- Log out from online mobile banking or application as soon as you have completed your transactions. Also make sure you close that window
- Be aware of shoulder surfers. Be extra careful while typing confidential information such as your account details and password on your mobile in public places
- In case you lose your mobile phone, please call our 24-hour Customer Care to disable the iMobile application
Rogue Banking Apps
What are rogue banking apps?
How to spot rogue mobile apps?
- Some rogue mobile apps may come with well-written legal terms usually highlighting the fact that the app may charge you. Even if these legal terms make the app seem legit, its best you read them carefully
- The rogue app can drain your phone battery really fast. So battery running low frequently might be a sign of infection with malware or virus
- Check your phone bill periodically and keep tabs on any suspicious activity. If you spot unusual activity in your phone or in your bill, contact your mobile network provider
- Check the app’s download page for inconsistencies or misspellings. Those are tell-tale signs of a fake
What are the impacts of rogue apps?
- Mobile malware can not only steal information, but can also take full control of your mobile device’s functions. Once users access these apps, they unwittingly give out their account information. Some of the impacts of rogue apps may be;
- Configure your updates
- Steal passwords, certificates, etc.
- E-mail screenshots
- Perform financial transactions on behalf of user/perform financial frauds
- SMS forwarding, call blocking, ping different applications, reduce battery life and many more
How can I download a genuine app from app store?
- Before downloading a new app, always check its reviews and ratings from other customers that have used the app, The publisher which should be ICICI Bank Ltd only
- Take a minute or two to read the app description. This is often where you can distinguish between a real and fake app. Usually fake apps contain irrelevant description/no description about the app functionality and often described with spell errors
- Check for the app’s permissions before installing them
Where can I download?
- It’s advisable to download ICICI Mobile Banking apps only from the following app stores as only they are authorised to host ICICI Bank apps
- Android Play store
- Apple iOS App store
- Nokia OVI store
- Nokia Android store
- Blackberry store
- Windows phone app store
- Windows desktop app store
- Amazon Android app store
- All legitimate apps of ICICI Bank published on these stores are through the single developer ID i.e. ICICI Bank Ltd
- No other appstores are authorised to carry apps developed by ICICI Bank. Also, no developer other than ICICI Bank is authorised to release/host apps on the above stores
What should you do if you think you have been scammed?
- The rogue app should immediately be removed from the device once identified. To remove the rogue app; navigate through the hosted apps on device and select the rogue app you want to uninstall. Restart the device after un-installation
- The device would be free from rogue app threat once uninstalled. But we recommend to change the credentials/passwords of the registered accounts (online banking/shopping credentials, device authentication, folder lock or email passwords, etc.) in the device post un-installation of the rogue app; as such apps gains full access of the device's function until uninstalled
- It is recommended to buy and install a reputed mobile antivirus to minimise the possibility of having your device infected with malware, including rogueware
Learn more about safe banking tips through interesting videos.
An application to enhance the security of your online account with OTP.
Read the RBI advisory against Phishing emails sent in its name.
Customer Education Series
Learn about Credit Scores, Nomination, Banking Ombudsman and more.