Cybersecurity company Kaspersky has reported a significant increase in NFC-based attacks targeting Android smartphone users.
MQM-P’s Farooq Sattar Links Budget Support to Reinstatement of Kamran Tessori as Sindh Governor
According to Kaspersky telemetry, attacks designed to steal money through Near Field Communication (NFC) technology surged by 188 percent during the first four months of 2026 compared with the same period last year.
From January to April 2026, Kaspersky security solutions blocked more than 35,600 Android malware attacks using NFC-based techniques. During the same period in 2025, the company blocked just over 12,300 such attacks.
Fraudsters Using Advanced Malware Tools
The attacks involve several Android malware families, including SuperCard X, PhantomCard, NGate and modified versions of the NFCGate tool.
Experts warn that these malicious applications are becoming increasingly sophisticated and difficult to detect.
As a result, cybercriminals are finding new ways to exploit mobile banking users and contactless payment systems.
Two Main NFC Attack Methods Identified
Kaspersky says attackers currently use two primary methods.
Direct NFC Fraud
In the first method, known as Direct NFC, scammers contact victims through messaging platforms.
They pretend to represent banks or financial institutions and persuade users to install malicious applications disguised as legitimate financial tools.
Victims are then instructed to tap their bank cards against infected smartphones and enter their PIN codes.
Consequently, attackers gain access to sensitive card information and can use it for fraudulent transactions.
Reverse NFC Fraud
The second method, called Reverse NFC, is considered more dangerous.
In this scheme, victims install a malicious application and are convinced to set it as their default contactless payment service.
The malware generates a fake NFC signal that ATMs recognize as a scammer-controlled bank card.
Victims are then persuaded to deposit money into what fraudsters describe as a “secure account.”
However, the funds are actually transferred directly to the criminals.
Experts Warn of Growing Threat
Sergey Golovanov, Chief Security Expert at Kaspersky, said attackers are increasingly shifting toward Reverse NFC techniques.
He noted that this type of fraud is harder to identify because victims unknowingly authorize the transactions themselves.
According to Golovanov, cybercriminals are likely to continue developing NFC relay malware and expanding attacks into new regions.
Therefore, he said the threat requires close monitoring by cybersecurity professionals and financial institutions.
Pakistan Faces Rising Digital Security Risks
Commenting on the trend, cybersecurity expert and ITSOLERA founder Dr Hafeez Ur Rehman highlighted the growing importance of digital awareness in Pakistan.
He said the increasing use of mobile banking and contactless payments makes users more vulnerable to sophisticated scams.
Furthermore, he stressed the need for cooperation between financial institutions, technology providers, regulators and cybersecurity experts.
According to him, stronger collaboration is essential to protect consumers from evolving digital threats.
How Users Can Stay Safe
Kaspersky has advised Android users to take several precautions.
Users should avoid downloading applications from unofficial sources or clicking links received through messaging apps, social media or SMS.
In addition, they should never follow instructions from unknown individuals at ATMs, regardless of the reason provided.
Cybersecurity experts also recommend using trusted mobile security software to block phishing websites and prevent malware installation.
As mobile payment technologies continue to grow, experts say awareness and caution remain the strongest defence against financial cybercrime.
