Skip to content
logo The magazine for digital lifestyle and entertainment
Android CoBi Google News Security All topics
Experts Warn

How Scammers Exploit the NFC Feature on Android Phones

Close-up of an NFC symbol with the inscription "NFC" on a card reader or ATM. Below the symbol, part of the display is visible.
Criminals use manipulated apps to access card data or money from Android users. Photo: Gado via Getty Images
Share article

July 4, 2026, 5:47 am | Read time: 3 minutes

Cybercriminals are increasingly targeting Android smartphones using the NFC function. According to a recent analysis, the number of such attacks has risen significantly. The perpetrators attempt to trick victims into revealing sensitive card data or transferring money to the criminals. New methods that appear inconspicuous at first glance are particularly in focus.

Number of NFC Attacks Increases Significantly

According to the security company Kaspersky, the number of registered NFC attacks on Android devices increased by 188 percent in the first four months of 2026 compared to the same period last year.

Between January and April 2026, Kaspersky’s security solutions blocked more than 35,600 attacks on Android smartphones worldwide. In the same period of the previous year, there were around 12,300. The attacks involve malware such as “SuperCard X,” “PhantomCard,” “NGate,” or variants of the well-known NFCGate tool.

How the Fraudsters Operate

Security experts are currently observing two main methods. In the first method, perpetrators pose as a bank or authority in messaging services. They instruct their victims to install an app. Victims are then asked to hold their bank card to the smartphone and enter the PIN. This way, the card data goes directly to the criminals.

Also of interest: Shocking audio error affects popular Android smartphones

Another method is called “Reverse NFC.” Here, victims also first install a malicious app. This app is then set as the default application for contactless payments. The perpetrators then persuade their victims to deposit money at an ATM into an allegedly secure account. In reality, the money goes directly to the fraudsters.

More on the topic

Experts Observe New Development

“While cybercriminals previously mainly relied on so-called direct NFC attacks, we are now seeing the more complex reverse NFC method more frequently,” explains Kaspersky security expert Sergey Golovanov.

According to him, this development is particularly problematic because the victims carry out the transfer themselves. As a result, the transactions initially appear to be ordinary payments.

How to Reduce the Risk

To protect against NFC fraud, Kaspersky recommends downloading apps only from official sources such as the Google Play Store. Installations via links from messaging services, SMS, or social networks are considered risky.

Additionally, instructions from unknown individuals at ATMs should generally not be followed, regardless of whether the contact is made by phone or chat or presented as a bank or authority. Security software can also help detect malicious apps and phishing sites.

This article is a machine translation of the original German version of TECHBOOK and has been reviewed for accuracy and quality by a native speaker. For feedback, please contact us at info@techbook.de.

You have successfully withdrawn your consent to the processing of personal data through tracking and advertising when using this website. You can now consent to data processing again or object to legitimate interests.