Bank account holders should be careful, cyber security agency gave this warning
The country’s cyber security agency has warned in its fresh advisory that scammers are targeting banking customers in India using a novel phishing attack to gain sensitive information such as internet banking credentials, mobile numbers and OTPs. This is being done with the help of Engrok Platform web application. It has been learned from the agency that Indian banking customers are being targeted by a new type of phishing attack using the ngrok platform.
As per the advisory given by CERT-In, Engrok is misusing the platform to commit such frauds. CERT-In is the federal technology branch for combating cyber attacks and protecting cyberspace against phishing and hacking attacks and similar online attacks.
According to CERT Inn, when someone, as a trusted entity, induces a victim to click on a fake link to steal password, login credentials and one-time password, it is called phishing fraud. Using these phishing websites, hackers are collecting sensitive information of customers such as internet banking credentials, mobile numbers and OTPs to perform fraud transactions.
Phishing attacks have been seen to be triggered via SMS containing links that end with ngrok.io/xxxbank. The advisory has tried to explain it through a sample SMS. According to the advisory, some such messages come to the customers that dear customer your xxx bank account will be suspended! Please click on this link to update KYC verification again. The link https://446bdf227fc4.ngrok.io/xxxbank” goes something like this.
Once a victim clicks on this URL (Universal Resource Locator) and logs in to a phishing website using internet banking credentials, the attacker generates an OTP for 2FA or Two Factor Authentication, which is the victim’s phone number. But it gets delivered. The victim then enters this OTP in the phishing site, which is captured by the attacker. Finally the attacker accesses the victim’s account using the OTP and makes the transaction.
The cyber security agency has suggested some measures to prevent these attacks. The most important thing is that if someone is messaging you, then he is not suspicious. In reality such numbers do not look like real mobile phone numbers as scammers often hide their identity using email-to.
The actual SMS received from banks usually contains the sender ID (contains the bank’s abbreviation) instead of the sender’s phone number. Internet Banking users are suggested to click on only those URLs which clearly point to the website domain. If in doubt, you can directly go to the search engine and get information about the website concerned.
According to SERT In, users need to be very careful with short URLs containing bit.ly and tinyurl. Users are advised to hover their cursor over the shortened URL (if possible) to view the full website domain or use the URL checker, which allows the user to enter a shortened URL and view the full URL . The advisory states that users can also use the shortening service preview feature to view the entire URL.
Install anti-virus and anti-spyware software, filtering tools, firewall and filtering services on your phone, computer system or laptop. Update spam filters with the latest spam mail content. Customers should immediately report any unusual activity in their account to the concerned bank. The advisory said that phishing websites and suspicious messages should be reported to CERT-in at [email protected] and the banks concerned with relevant details so that appropriate further action can be taken.
#Bank #account #holders #careful #cyber #security #agency #gave #warning