July 4, 2026, 5:47 am | Read time: 3 minutes
Cybercriminals are increasingly targeting Android smartphones using the NFC function. According to a recent analysis, the number of such attacks has risen significantly. The perpetrators attempt to trick victims into revealing sensitive card data or transferring money to the criminals. New methods that appear inconspicuous at first glance are particularly in focus.
Number of NFC Attacks Increases Significantly
According to the security company Kaspersky, the number of registered NFC attacks on Android devices increased by 188 percent in the first four months of 2026 compared to the same period last year.
Between January and April 2026, Kaspersky’s security solutions blocked more than 35,600 attacks on Android smartphones worldwide. In the same period of the previous year, there were around 12,300. The attacks involve malware such as “SuperCard X,” “PhantomCard,” “NGate,” or variants of the well-known NFCGate tool.
How the Fraudsters Operate
Security experts are currently observing two main methods. In the first method, perpetrators pose as a bank or authority in messaging services. They instruct their victims to install an app. Victims are then asked to hold their bank card to the smartphone and enter the PIN. This way, the card data goes directly to the criminals.
Also of interest: Shocking audio error affects popular Android smartphones
Another method is called “Reverse NFC.” Here, victims also first install a malicious app. This app is then set as the default application for contactless payments. The perpetrators then persuade their victims to deposit money at an ATM into an allegedly secure account. In reality, the money goes directly to the fraudsters.
How Risky Is Mobile Banking on Your Smartphone?
A wrong click on WhatsApp and strangers can control your phone
Experts Observe New Development
“While cybercriminals previously mainly relied on so-called direct NFC attacks, we are now seeing the more complex reverse NFC method more frequently,” explains Kaspersky security expert Sergey Golovanov.
According to him, this development is particularly problematic because the victims carry out the transfer themselves. As a result, the transactions initially appear to be ordinary payments.
How to Reduce the Risk
To protect against NFC fraud, Kaspersky recommends downloading apps only from official sources such as the Google Play Store. Installations via links from messaging services, SMS, or social networks are considered risky.
Additionally, instructions from unknown individuals at ATMs should generally not be followed, regardless of whether the contact is made by phone or chat or presented as a bank or authority. Security software can also help detect malicious apps and phishing sites.