Banking customers in India may fall victim to this novel phishing attack. How to identify - Hindustan Times
close_game
close_game

Banking customers in India may fall victim to this novel phishing attack. How to identify

By | Written by Kunal Gaurav, Hindustan Times, New Delhi
Aug 11, 2021 02:47 PM IST

Using a sample SMS, India's cybersecurity agency elaborated how the “malicious actors” are tricking banking customers into clicking on phishing websites to carry out fraudulent transactions.

Scammers are targeting banking customers in India with a new type of phishing attack by impersonating internet banking portals, the country’s cybersecurity agency has warned. Indian Computer Emergency Response Team, or CERT-In, issued an advisory Tuesday, saying the scammers are hosting phishing websites on the ngrok platform to collect sensitive information like internet banking credentials, mobile numbers and One Time Password (OTP).

CERT-In issued an advisory Tuesday, saying the scammers are hosting phishing websites on the ngrok platform to collect sensitive information ( Istockphoto/representative Image)
CERT-In issued an advisory Tuesday, saying the scammers are hosting phishing websites on the ngrok platform to collect sensitive information ( Istockphoto/representative Image)

"It has been observed that Indian banking customers are being targeted by a new type of phishing attack using ngrok platform," the CERT-In advisory said.

Hindustan Times - your fastest source for breaking news! Read now.

"The malicious actors have abused the ngrok platform to host phishing websites impersonating internet banking portals of Indian banks," it added.

Using a sample SMS, the cybersecurity agency elaborated how the “malicious actors” are tricking banking customers into clicking on phishing websites to carry out fraudulent transactions. The scammers send an SMS with embedded phishing links ending with ngrok.io/xxxbank, where xxx denotes the name of the bank.

“Dear customer your xxx bank account will be suspended! Please Re KYC Verification Update click here link http://446bdf227fc4.ngrok.io/xxxbank,” the sample SMS reads.

Also Read | Ex-defence personnel hit by phishing attack

CERT-In said that once the customer clicks on the URL and login to the phishing website using their internet banking credentials, the attacker generates OTP using the information. The phishing victim then enters the OTP on the phishing site, which the attacker captures and gains access to the victim's account to carry out fraudulent transactions.

"Phishing websites and suspicious messages should be reported to the CERT-In at incident@cert-in.org.in and respective banks with the relevant details for taking further appropriate actions," the advisory said.

Here are some of the “best practices" listed by CERT-In to prevent such attacks:

  • Banking customers should look for suspicious numbers that don't look like real mobile phone numbers as attackers often mask their identity by using email-to-text services to avoid revealing their actual phone number.
  • Genuine SMSes received from banks usually contain sender id (consisting of bank's short name) instead of a phone number in the sender information field.
  • They should only click on URLs that clearly indicate the website domain.
  • They can search for the organisation's website directly using search engines to ensure that the websites they visited are legitimate.
  • Users should exercise particular caution towards shortened URLs, such as those involving bit.ly and TinyURL.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away!- Login Now!
Stay informed on Business News along with Gold Rates Today, India News and other related updates on Hindustan Times Website and APPs
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Thursday, March 28, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On