What Are NFC Relay Attacks and Why Are They Rising?
NFC relay attacks are a form of contactless payment fraud in which criminals intercept or imitate near-field communication signals between phones, cards, and payment terminals to move money from victims’ accounts without physically stealing their devices or cards. These attacks target Android phones and payment apps, abusing the same technology that powers tap-to-pay convenience at stores and ATMs. According to Kaspersky telemetry, the number of NFC-based attacks on Android smartphones aimed at stealing victims’ funds rose by 188% in the first four months of 2026 compared with the same period in 2025. Security tools blocked 35,600 NFC-related Android attacks from January to April 2026, up from over 12,300 a year earlier, showing how quickly criminals are adopting NFC relay attacks as a mainstream tactic against Android payment security.
How Criminals Exploit Direct NFC to Capture Card Data
In a direct NFC relay attack, scammers focus on stealing your card details and PIN using social engineering and Android malware. They contact targets through messaging apps, pretending to be bank staff or another trusted party, and push them to install a fake “verification” or “financial” application. This malicious app includes NFC relay features that interact with real bank cards. Victims are then instructed to tap their physical card against the infected Android phone and enter the card PIN, supposedly for verification. When they do, the card data and PIN are captured and sent to attackers, who can clone the card or run unauthorized contactless payments. This mode of contactless payment fraud turns the victim’s own smartphone into a card skimmer, making it difficult to spot until money disappears from the account.
The Growing Threat of Reverse NFC on Android Payments
Reverse NFC attacks target Android payment security by turning the phone into a fake card that pays thieves instead of merchants. Attackers send victims a malicious app and convince them to set it as the primary contactless payment method on their Android device. The app then generates an NFC signal that ATMs recognize as the scammers’ card, not the victim’s. Victims are persuaded to visit an ATM and “move funds to a secure account” using their phone, unaware that every deposit goes straight to criminals. As Kaspersky notes, while attackers previously relied on direct NFC, reverse NFC now appears more common and is harder to detect, because victims willingly transfer the money themselves. These transactions look legitimate to banks, making this strain of NFC relay attacks especially dangerous and difficult to dispute.
Key Warning Signs Your NFC Payments May Be Compromised
NFC security threats often start with subtle red flags. Be suspicious of any message, call, or chat that pressures you to install an app outside official stores, especially if it relates to banking, identity checks, or “urgent security verification.” If someone tells you to tap your bank card to your phone or enter its PIN into a new app, treat that as a serious warning sign of contactless payment fraud. Another red flag is being told to change your default Android payment app to a tool a stranger provides, or being instructed to test a payment at an ATM for “security reasons.” Unexplained pushes to visit specific ATMs or follow step-by-step deposit instructions should also raise alarms. Whenever your phone, card, and ATM are involved together under outside guidance, stop and contact your bank directly using official channels.
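For administrators or support staff checking a device, two of the warning signs above (an app installed from outside an official store, and a changed default payment app) can be tested together. The following is an added example, not code from the article or from Kaspersky; the sample package names are constructed, and the list of trusted installers is an assumption to adapt to your environment.

```python
import re

# Installer packages treated as official stores (assumption: extend as needed).
TRUSTED_INSTALLERS = {"com.android.vending"}

# Inputs come from a connected device, for example:
#   adb shell settings get secure nfc_payment_default_component
#   adb shell pm list packages -i
# Assumption: the device exposes its default tap-to-pay handler via that setting.

# Constructed sample output of `pm list packages -i` (not from a real device).
SAMPLE_PM_OUTPUT = """\
package:com.google.android.apps.walletnfcrel  installer=com.android.vending
package:com.example.bankverify  installer=com.google.android.packageinstaller
package:com.example.preloaded  installer=null
"""

def parse_installers(pm_output):
    """Map package name -> installer package from `pm list packages -i` text."""
    installers = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            installers[m.group(1)] = m.group(2)
    return installers

def audit_default_payment(default_component, pm_output, trusted=TRUSTED_INSTALLERS):
    """Return (verdict, package) for the default contactless payment handler."""
    comp = (default_component or "").strip()
    if comp in ("", "null"):          # `settings get` prints "null" when unset
        return ("no-default", None)
    package = comp.split("/", 1)[0]   # value is "package/service.Class"
    installer = parse_installers(pm_output).get(package)
    if installer is None:
        return ("unknown-package", package)
    if installer == "null":           # preinstalled or installed without a store
        return ("unverified-default", package)
    if installer not in trusted:      # default payment app did not come from a store
        return ("sideloaded-default", package)
    return ("ok", package)

if __name__ == "__main__":
    print(audit_default_payment("com.example.bankverify/.HceService", SAMPLE_PM_OUTPUT))
```

A `sideloaded-default` or `unverified-default` verdict is a prompt to review the app with the device owner, not proof of malware.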
Practical Steps to Protect Your Android NFC Payments
You can cut the risk of NFC relay attacks with a few concrete habits. First, disable NFC on your Android phone when you are not actively using contactless payments; turning it on only at the checkout sharply reduces the attack surface for NFC relay malware. Only install apps from official stores, and avoid links sent in chats, SMS, or social media. Never follow instructions from strangers at an ATM, regardless of who they claim to represent. In your banking apps, enable transaction limits and alerts so unusual payments or cash deposits trigger instant notifications. Check your bank and card statements often to spot unauthorized activity early. Finally, use a reliable mobile security solution that can block known NFC malware families and phishing sites, adding another layer of defense around your Android payment security.






