Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Frauds always come with new tricks. Just when you start to feel confident in noticing false e -mail, dubious relationships and false banking applications, they find a new corner. They have become more creative lately, turning to the embedded features of our phones to pull out their schemes. One of the latest goals is NFC, a technology behind Tap-to-play.
This may seem harmless, but the new fraud uses this in a way that most people would never expect. Android malicious software called Supercard transcends only the theft of your card details. The attackers give the ability to remotely use your card for actual transactions. And the worst is that everything starts with something as simple as a text message.
Android phone (Kurt “Cyberguy” Knutsson)
What makes Supercard X different?
Supercard X stands out from another Android malicious software because of the way it works. As he reported Speafy researchersInstead of theft of user names, passwords or check codes, it uses a method called the NFC relay. This allows the attackers to copy the card data from the real -time victim’s device and use them elsewhere to pay or withdraw money. The process does not require physical access to the card or knowledge of PIN.
The malicious software is offered through a malicious software model as a service, which means that different cyber criminals can be used in their own regions. Because of this, the threat is more scalable and aspiration. Unlike most of the banking Trojans, Supercard X is not focused on one particular institution. Targeted any card owner, no matter what the bank issued its card.
Another key difference is how malicious software is. It uses minimal permits and does not include additional features that would make it easier to detect. This skinny approach helps him avoid detection of antiviral software and allows him to work peacefully on infected devices.
Supercardx completely undiscovered (FUD | Speaafy) (Kurt “Cyberguy” Knutsson)
200 million records on social media leaked in a great breach of data x
How the fraud works
The fraud begins with a message sent by SMS or WhatsApp. It is pretended to be from the bank and warns the recipient of a suspicious transaction. The message includes a phone number and invites a person to call to solve the problem. This is the first step in gaining confidence of the victim.
Once on the phone, the striker poses as a bank representative and passes by a victim of false security procedure. This may include them to confirm their personal information or adjust the settings in their mobile banking application, such as the removal of consumption of consumption on their card.
Then the attacker asks the victim to install a mobile app described as an account verification tool or security improvement. In reality, this application contains Supercard X Malware. After installing, the attacker points to the victim to touch his card with the phone. The malicious software then records NFC card data and sends them to another phone controlled by the attacker.
Using copied data, the attacker can make inappropriate payments or withdraw the ATM almost immediately. This method allows them to steal the funds quickly and leave little opportunities for banks or victims to intervene in time.
The woman moves on her phone (Kurt “Cyberguy” Knutsson)
Malicious software exposes 3.9 billion passwords in a huge cyber -safety threat
8 ways you can be sure of the malicious Software Supercard X
1) Be careful with suspicious texts and calls. Use strong antiviral software: False campaigns often start with SMS or a call that seems to come from your bank. These messages usually claim that there is a suspicious activity on your account and seek to click the link or call the number to solve the problem. However, this is a tactic used to access your personal data. Always approach such messages with skepticism.
The best way to protect yourself from malicious connections installed by malicious software, potentially access to your private data, is to install a strong antivirus software on all your devices. This protection can also alert you of phishing e -Mail and fraud from Ransomware, keeping your personal information and digital assets. Get my elections for the best winners to protect against antivirus 2025 for your Windows, Mac, Android and iOS devices.
2) Avoid installing applications from unreliable sources: One of the key ways in which malicious software like Supercard X is spreading through deceptive applications that the victims are convinced of being installed. These applications often look harmless, posing as a tools for safety or account check. If you receive a link to download the application via SMS, E -Stage or Message Exchange application like WhatsApp, don’t click on it. Instead, only download applications from reliable sources, such as Google Play Store. In addition, carefully inspect the applications licenses and avoid giving an unnecessary approach, especially sensitive data such as NFC, locations or personal contacts.
3) Turn off NFC when not used: The NFC, or near field communication, is a useful feature that allows useless payments and data exchange. However, attackers can use to capture the card information without you understand that either. To reduce the risk of becoming a victim of a malicious software based on NFC like Supercard X, turn off NFC when you are not actively using it.
On most Android devices you can do this by embarking on “Settings”, then “connected devices” or “connection settings”, where you will find the NFC switch. By disabling the NFC, your phone will not transmit data wirelessly, which helps protect data on your payment card from theft from the attacker nearby.
4) Watch bank accounts and cards: If your device has come in contact with Supercard or anything similar, it is possible that your banking details are already endangered. Therefore, it is important to regularly check the history of transaction anything unusual, such as a small payment that you do not remember to make or charge from an unusual location, it could be a sign of abuse. If you notice anything suspicious, report it to your bank immediately. It is also worth checking your credit reports from time to time to catch signs of identity theft before Snow White in bigger problems.
5) Use the personal data removal service: If the fraudsters have been targeting you once, there is a greater chance of trying again, especially if your personal information (like your phone number, address or E -ste) is easily found online. Data removal services scan websites and broketers to search people, then ask for removal of your information. This reduces your exposure and helps prevent future attacks of identity or social engineering.
Although no service can guarantee the complete removal of your information from the Internet, the data removal service is a really smart choice. They are not cheap, nor your privacy. These services do all the jobs for you active supervision and systematic deletion of your personal information from hundreds of websites. This is what we give peace and proved to be the most effective way to delete our personal information from the Internet. By limiting the available data, you reduce the risk of fraud with cross -references from info with information that they can find on the dark web, which is harder for them to target. View my top selection here for data removal services.
6) Contact your bank and freeze the cards: If you think you were eavesdropping or solving a suspicious card or if your phone was unusual afterwards, don’t brush it. Call your bank and let them know what happened. They can freeze your card to stop unauthorized payments and issued a new one for additional security. You should also ask them to follow your account more closely for a while. On top of all, put a warning warning with a credit office so that no one can easily open a new credit line on your behalf.
7) Consider enrollment in identity identity protection services: If you have been targeting a sophisticated fraud like Supercard X, there is a chance that your personal information, not just card data, may be exposed to risk. Identity stealing companies can monitor personal information, such as your social insurance number, telephone number and E E -Star and warn you if sold on a dark web or used to open an account. They can also help you freeze the bank account and credit card accounts to prevent further unauthorized use by criminals. See my tips and best choosing how to protect yourself from identity theft.
8) Report to your National Cyber Crime Administration: Whether you have lost money or not, reporting a fraud helps the authorities to accompany the emergence threats and warn others. You can report such a FBI fraud Internet Crime Center Center or Federal Commission for Trade. Your report could help catch people behind a fraud or at least shut down their infrastructure.
How safe is my password? Use this test to find out
Kurt’s key step
The SugCard X Malicious S By exploiting NFC technology and combining it with social engineering tactics, attackers have found a way to bypass traditional fraud detection systems. What is particularly related to how these attacks go quickly, which makes them harder to detect before the damage is done. As this threat develops, it is important that both consumers and institutions recognize the potential risks of these multi -layered fraud strategies.
Do you think Google makes enough to protect you from malicious software? Let us know by writing us on Cyberguy.com/contact.
For more of my technological tips and security warnings, subscribe to my free newsletter about Cyberguy Report, moving toward Cyberguy.com/newslettter.
Ask the Kurt question or let us know which stories would you like to cover.
Follow Kurt on his social channels:
Answer to the most demanding questions about Cyberguy:
New from Kurt:
Copyright 2025 Cyberguy.com. All rights reserved.
