Security Researchers have discovered dozens of fake SSL Certificates being used to enact financial institutions, e-commerce site vendors, Internet Service Providers and social networking sites. Fake SSL certificates are not digitally signed by a trusted certificate authority, so if you are accessing a sensitive website from your Smartphone apps or any other non-browser software, then you may be at a great risk. 40% of iOS-based banking apps tested by IO Active are vulnerable to such attacks because they fail to validate the authenticity of SSL certificates presented by the server.
Source: https://thehackernews.com/2014/02/Fake-SSL-Certificates-non-browser-applications-MitM-Attacks.html