Wema Bank has warned customers to stay alert against fraudsters using fake ads and pop-up messages on social media, websites, and messaging apps to trick people into downloading harmful mobile apps that can steal their banking information.
In an email sent to customers on Thursday, the bank said that cybercriminals are increasingly disguising harmful software as real applications. These include sports betting, live score, streaming, utility, banking support, and phone update apps.
Wema Bank explained that once these harmful apps are installed, they can gain control of a victim’s mobile device. They can steal banking details and transaction PINs, intercept SMS messages, and one-time passwords (OTPs).
The bank noted that the harmful apps can also make unauthorized transactions through the customer’s mobile banking profile without needing to change devices.
“These harmful apps often pretend to be real applications, like sports betting, live score, streaming, utility, banking support, or phone update apps.
“Once installed, the harmful software can take control of a device, steal banking details and transaction PINs, intercept SMS and One-Time Passwords (OTPs), and start unauthorized transactions through the customer’s registered mobile banking profile, without needing a device change,” the bank stated.
To lower the risk, Wema Bank advised customers to download banking apps only from official app stores like Google Play Store and Apple App Store.
The bank also urged customers not to install apps through links or pop-up ads on social media, websites, emails, or messaging apps.
Customers should be careful of unexpected requests for system updates or security checks. They should regularly check and remove unfamiliar apps from their devices and keep their operating systems and security software updated.
The bank added that customers who see unusual activity or unauthorized transactions should immediately disconnect their devices from the internet, contact their bank, and report the issue.
The bank also urged customers and financial institutions to report suspected phishing attempts and spam messages to their fraud desks or information security teams. Quick reporting is necessary to help stop cyber fraud in the financial services industry.
This warning is part of Wema Bank’s ongoing efforts to fight rising online fraud.
In June, the bank temporarily stopped communication on its X and Telegram accounts, saying it needed to protect customers from fraud and account impersonation.





Drop your comment
No comments yet — be the first to drop the gist 👇