Many cases of this happening in Singapore where people get tricked into installing malware. It feels like the banks have been going out of their way to make it hard if not impossible to use many services without installing their app now, so all those non-technical aunty uncle are like lambs to the slaughter.
> Despite Liz’s insistence that she’d been asleep when the payments were made, both banks concluded that Liz had authorised the transactions herself, from her own device, meaning she wouldn’t be refunded.
> With Liz’s permission, Rip Off Britain sent her device to a cybersecurity firm for investigation. Pen Test Partners concluded ‘with high confidence’ that the malicious app was linked to or responsible for the fraudulent activity on the device.
> After Rip Off Britain shared Pen Test Partners’ report with Liz’s banks, [the bank] refunded her in full.
Is this process repeatable by others? When the bank refuses to cooperate with you and insists you authorized payments that you didn't, can you send your devices to a third party to inspect? Would banks then be legally required to undo the unauthorized transactions when presented with evidence?
Or was this just a "one time exception" due to the media attention of the story?
I really hope that when Apple is forced to open up access to competing app stores that there will be a setting for me to ban sideloads or downloads on my parents devices.
Well the malware was a sideloaded app, so that seems to rule out iOS (that said, I wonder how she installed the apk without noticing something seemed out of the ordinary, not to mention granting it the permissions it needed...)
e.g. https://www.channelnewsasia.com/singapore/android-malware-sc...