Intercepted: The Rising Risks of Mobile Payment

Mobile payments and digital wallets (like Google Pay or Apple Pay) are mainstream, but with that ubiquity comes risk. Malicious actors are inventing new man-in-the-middle (MiTM) style attacks that intercept and manipulate payment flows in real time. Let’s explore why these threats are growing and how you can stay safer amidst the risks.

The Evolution of Mobile Payment Threats 

Mobile payment interception refers to a growing class of cyberattacks in which bad actors insert themselves between a user and a payment system, sometimes invisibly. They may intercept credentials, capture real-time payment data, or even alter transaction details before they’re processed. These attacks have evolved quickly, drawing from classic MiTM strategies and combining them with modern tactics like overlay malware and NFC relay fraud.  

Real-World Threats on the Radar

The threat here isn’t theoretical. It’s happening right now. In late 2024, security researchers uncovered Godfather, a sophisticated Android malware that mimics legitimate banking and wallet apps. Once installed, it presents fake login screens and intercepts credentials, allowing hackers to take control of accounts remotely. Its realistic design makes it difficult for users to detect the scam in real time.

A wave of NFC relay scams is also circulating across Europe and North America. These attacks trick users into tapping their cards or phones near a tampered device, often disguised as a legitimate payment terminal. The attacker then relays the NFC signal to another location, allowing fraudulent transactions to happen instantly and remotely.

Even legitimate apps aren’t immune. A vulnerability was recently discovered in the popular YONO SBI banking app, where user data—including payment information—was transmitted over unencrypted channels. Anyone using the app on public Wi-Fi was at risk of having their information intercepted by a hacker using basic network sniffing tools.

These examples illustrate just how diverse and adaptive mobile payment threats have become. From app-based impersonation to hardware-level exploits, attackers are targeting the systems we rely on every day.

How to Safeguard Yourself

The good news? A few smart practices can go a long way in safeguarding your digital payments.

  • Use apps from trusted sources only and enable app verification tools like Google Play Protect.
  • Check for HTTPS: Ensure your payment apps use encrypted connections (you can often find this in the app’s settings or privacy policy).
  • Use tokenized payment options like Apple Pay or Google Pay, which create single-use credentials for each transaction.
  • Enable biometric authentication whenever possible—face or fingerprint verification adds a strong layer of protection.
  • Avoid using public Wi-Fi for any financial transactions, or at the very least, use a trusted VPN.
  • Disable NFC when you’re not using it to prevent relay-based attacks.
  • Turn on transaction alerts for all your accounts so you’re notified immediately of any unusual activity.
