Advertisements

Do not fall for SMSes asking you to update your KYC as it can be used to steal your banking credentials

Do not fall for SMSes asking you to update your KYC as it can be used to steal your banking credentials

The security agency has noted that the cybercriminals are posing as banking professionals and targeting customers with a new type of phishing attack using ngrok platform.

HIGHLIGHTS

  • The Indian Computer Emergency Response Team or CERT-IN has issued a warning about the new scam in town that is targeting Indian banking customers.
  • Phishing attacks are being carried out to obtain sensitive information of users such as their Internet banking credentials.
  • The advisory states that customers usually get SMSes embedded with phishing links that end with ngrok.io.

The Indian Computer Emergency Response Team or CERT-IN has issued a warning about the new scam in town that is targeting Indian banking customers. The security agency has noted that the cybercriminals are posing as banking professionals and targeting customers with a new type of phishing attack using ngrok platform. Phishing attacks are being carried out to obtain sensitive information of users such as their Internet banking credentials, one-time password, phone number and more.

“It has been observed that Indian banking customers are being targeted by a new type of phishing attack using ngrok platform. The malicious actors have abused the ngrok platform to host phishing websites impersonating the internet banking portals of Indian banks. Using these phishing websites, malicious actors are collecting sensitive information of the customers like Internet Banking credentials, mobile number, One Time Password(OTP) etc. to perform fraudulent transactions,” CERT-IN has noted.

The security agency has also explained the ways by which a phishing attack is carried out to steal the sensitive information of users. The advisory states that customers usually get SMSes embedded with phishing links that end with ngrok.io. A message is similar to “Dear customer your xxx bank account will be suspended. Please Re KYC Verification Update. Click on the link..” Are sent to users.

It is very likely for a user to fall for such messages because when you get an alarming message like this, you rarely check the sources or pay attention to details. The first thing that most people try to do is fix the issue before they lose their account.

So when a user clicks on the URL provided with the message and login to the phishing website using their internet banking credentials. The scammer then generates OTP which is delivered to the users’ phone. The user then enters the OTP on the website, which is captured by the attacker. Finally, the attacker gets hold of the OTP and bypasses the 2FA to make fraudulent transactions.

In the advisory, CERT-in has asked users to be extremely cautious of such emails or messages. Notably, the messages that are actually sent by banks contains a sender ID, which is usually the bank’s short name. However, in messages that are sent by frauds, you would not find a user ID but a phone number that does not seem genuine at all. Do pay attention to the language used by the sender. The messages are usually grammatically incorrect and are not written using a proper format. No known bank will send such shabbily drafted messages to its customers ever.

You should exercise caution while opening email attachments that do not seem genuine at all. If you are unsure about something, contact your bank directly.