CIMB Clicks is one of the most popular online banking service in Malaysia. It has official mobile apps for iOS and Android to allow customers to manage their bank account on-the-go.
Apparently, a fake CIMB Clicks app called “CIMB Clicks Perbankan Internet” (no link for obvious reason) get passed Google Play store security check and listed for free download.
Fake CIMB app
The fake app is listed on Google Play Store on June 11, 2013 and it has been installed over 500 times in 1 week. While the official CIMB Clicks app description is written in English. The fake app uses Malay language for its description. The developer’s website – http://tophotappstore.com/ – is not active. You can try to email the developer at email@example.com.
Based on the app screenshot, the fake CIMB app asks for your CIMB online banking account’s User ID and Password, which is VERY DANGEROUS! The app could collect your login information to access your account. Already have users warned about the fake app in the app review.
I already notified CIMB and Google Malaysia about the fake app, and CIMB replied that they are already working on removing the fake app. Good job!
@liewcf Hi, we are aware of the said application and have begun works on deactivating and removing it. Thank you for the notification!
— CIMB Assists (@CIMB_Assists) June 18, 2013
Like every Malaysian banks, CIMB uses one-time TAC (Transaction Authorisation Code) sent to mobile phone via SMS for additional security to protect customers against unauthorised access to bank account. Nevertheless, you never want to expose your online banking account username and password to strangers.
HERE is the only one official CIMB Clicks app for Android devices.
How to avoid Android Malware?
The Android malware has been techrepublic:in 2012 when compared to 2011. How do you protect yourselves from those malware? Here are a few suggestions (via
- Install latest Android updates to patch vulnerabilities.
- For Android 4.1.2 and above, Make sure “Unknown sources” under Security section in Settings is Unchecked.
- Review all permissions requested by an app upon installation. Is the app asking too much access?
- Read app reviews before install any app.
- Install anti-malware app for Android, such as avast! Mobile Security, Lookout Security & Antivirus, Norton Mobile Security Lite, Zoner AntiVirus. (they are free!)