Cybercriminals are aggressively ramping up their attacks on Android users in Pakistan. According to new data released by cybersecurity firm Kaspersky, near-field communication (NFC) scam attacks surged by a staggering 188% during the first four months of 2026. Consequently, hackers are actively exploiting this technology to drain bank accounts.
Between January and April 2026, Kaspersky blocked approximately 35,600 attacks linked to Android malware. In contrast, the firm detected and blocked just 12,300 similar attacks during the same period last year. This sharp increase highlights a rapidly growing threat to digital finances.
Researchers have identified several specific malware families driving these attacks. These include SuperCard X, PhantomCard, NGate, and multiple malicious variants of the NFCGate tool. Ultimately, these threats aim to steal sensitive banking information and execute fraudulent financial transactions through contactless payment technology.
How Cybercriminals Steal Your Data
Currently, attackers rely on two primary methods to exploit unsuspecting users. The first method is known as Direct NFC. First, scammers contact victims through messaging platforms. Next, they persuade users to install malware disguised as legitimate banking or financial applications.
Afterward, the attackers convince victims to tap their physical bank cards against the infected smartphones and enter their PIN codes. As a result, the hackers instantly capture the sensitive card data.
The Rise of Reverse NFC Scam Attacks
Meanwhile, the second method, called Reverse NFC, is becoming increasingly common. In this scenario, criminals trick victims into installing a malicious app and setting it as their default contactless payment service.
Subsequently, the infected phone transmits an NFC signal that automated teller machines (ATMs) recognize as a scammer-controlled payment card. Then, the scammers persuade victims to deposit cash. The victims believe they are transferring money to a secure account. However, they are actually sending funds directly to the criminals.
Furthermore, security researchers warn that Reverse NFC attacks remain particularly difficult to detect. Because victims manually authorize the transactions themselves, the fraudulent transfers appear completely legitimate to banking security systems.
Protecting Your Finances in Pakistan
This urgent warning arrives as contactless payments and digital financial services rapidly expand across Pakistan. Moreover, growing smartphone adoption and the widespread use of mobile banking apps have significantly increased the target base for cybercriminals.
Therefore, cybersecurity experts urge consumers to take immediate precautions. You should always avoid downloading applications from unofficial sources. Additionally, remain cautious of unsolicited messages regarding banking services. Most importantly, never follow instructions from unknown individuals regarding financial transactions or ATM operations.
Finally, keep your devices updated and install trusted mobile security solutions to minimize the risk of a compromised bank account.
