Attackers are combining credential phishing, credit card data theft, and malware into a single campaign targeting banking details.
While it’s common to see attacks involving phishing or malware, the combination of these tactics in a single campaign targeting Android devices of financial services and banking customers indicates the extent to which attackers are willing to play a longer game in order to get to their goal.
The attacks combine phishing with the distribution of the Marcher Android trojan, a form of banking malware which has been active since at least late 2013.