Global cybersecurity firm Kaspersky has urged Sri Lankan regulators to establish clear cybersecurity frameworks for mobile financial services, warning that the country’s shift toward a mobile-first digital economy is exposing millions of users to serious financial cyber risks.
According to Kaspersky’s 2024 cybersecurity report, mobile threats are escalating worldwide, with Sri Lanka’s rapidly growing smartphone base facing similar vulnerabilities. The report noted that malware attacks on mobile devices doubled in 2024 compared to the previous year, while banking Trojans surged 3.6 times. Among the most prominent is the Trojan-Banker family Mamont, which can easily adapt to local conditions to steal banking credentials.
Adrian Hia, Kaspersky’s Managing Director for Asia Pacific, explained that mobile devices are particularly attractive to cybercriminals because users often lack adequate protection. “In Sri Lanka, this is compounded by a surge in digital wallet use and mobile banking adoption, especially among younger, tech-savvy consumers,” he said.
Fraudulent parcel tracking apps, fake crypto wallets, and counterfeit e-commerce platforms are among the common attack vectors used to deceive users. Many victims unknowingly compromise themselves by downloading malicious apps, neglecting updates, or granting excessive permissions.
Kaspersky’s Call to Action
The company recommends a multi-pronged strategy to address the rising threat:
- Government & Regulators: Establish robust cybersecurity guidelines for mobile financial services and run nationwide awareness campaigns.
- Financial Institutions & Telecoms: Collaborate to proactively monitor, detect, and block suspicious activities before they affect consumers.
- Consumers: Download apps only from official stores, review app permissions carefully, and keep devices regularly updated.
To enhance user protection, Kaspersky suggests tools such as Kaspersky Internet Security for Android, a VPN for encrypted internet traffic, and App Lock features to secure sensitive applications.
The warning comes as Sri Lanka continues to expand its digital economy, where mobile devices are becoming central to daily financial activity. Without stronger safeguards, experts caution, the risks of credential theft, fraud, and financial loss could grow significantly.
