A near-field communication (NFC) traffic stealer is targeting Android users to obtain their banking information. NFC allows devices to communicate wirelessly when nearby. The attacker calls victims pretending to be a bank employee and notifies them about a security incident on their card. They ask for the victim to change their PIN and verify their card. Then, the victim receives a link to download NGate which displays a fake website asking for banking information. Lastly, NGate asks the victim to enable the NFC feature on their phone and lay their card on the back of the phone. This allows NGate to capture the NFC data from the victim’s card. Czech authorities arrested a 22-year-old who was allegedly behind the scam.

