A type of cyberattack on mobile users in which a malicious app opens an active window over a legitimate program. This layer can fully replicate the target product interface, or be transparent and intercept user actions on the touch screen. Cybercriminals deploy overlay attacks to steal victims’ login credentials, bank card details, and other confidential information.
Android devices are the most vulnerable to this type of attack, because all apps downloaded from Google Play have the SYSTEM_ALERT_WINDOW permission by default.