ISLAMABAD: NFC-based Android banking attacks increased by 188% during the first four months of 2026 compared with the same period last year, according to new data released by cybersecurity company Kaspersky.

The surge highlights growing risks for users of mobile banking and contactless payment services, as cybercriminals increasingly use Near Field Communication (NFC) technology to steal financial information and access victims’ funds.

According to Kaspersky telemetry, its security solutions blocked more than 35,600 NFC-related Android malware attacks between January and April 2026. During the same period in 2025, the company recorded more than 12,300 such attacks.

The attacks involved several malware families, including SuperCard X, PhantomCard, NGate, and modified versions of the NFCGate tool.

Two main attack methods identified

Kaspersky said cybercriminals are primarily using two types of NFC-based fraud schemes targeting Android users.

In the first method, known as “Direct NFC,” attackers contact victims through messaging platforms and persuade them to install malicious software disguised as legitimate applications, often financial services apps. Victims are then instructed to tap their bank cards against an infected smartphone and enter their PIN codes, allowing attackers to capture sensitive card information.