The number of attacks on Android devices using NFC technology in Russia increased by 50% in the third quarter of 2025, exceeding 44,000 cases. This was reported by Kaspersky Lab specialists.
Experts have recorded an increase in the number of malicious programs that use NFC (short-range wireless data transfer) capabilities to steal funds from user accounts. Such viruses are increasingly used by telephone scammers. According to the company, these attacks are aimed at infecting smartphones with so-called "NFC Trojans," which allow attackers to conduct contactless transactions without the device owner's knowledge.
Specialists identify two main fraud schemes — "direct NFC" and "reverse NFC." In the first case, attackers contact the victim through messengers, posing as bank or financial service employees, and offer to install an application for "client verification." After installation, the Trojan asks to attach a bank card to the back of the smartphone and enter a PIN code. This data is transmitted to fraudsters, who then use the card to debit funds.
In the second scheme, called "reverse NFC," criminals send potential victims malicious APK files under the guise of updates or service applications. If the user installs the program and designates it as a contactless payment method, the phone will begin to transmit a signal that ATMs perceive as the attacker's card. After that, the scammers convince the victim to deposit cash into a "safe account," effectively transferring the money to themselves.
