Advertisement
Tuesday, Aug 09, 2022
Outlook.com
Outlook.com

A New Phishing Attack: Cyber Security Agency Warns Banking Customers In India

The Indian banking customers are being targeted by a new type of phishing attack using ngrok platform, said CERT, the country's cyber security agency.

A New Phishing Attack: Cyber Security Agency Warns Banking Customers In India
Phishing denotes to the fraud when an attacker, masquerading as a trusted entity, tricks a victim into clicking evil links to steal passwords, login credentials and one-time password (OTP). | Representational Image
A New Phishing Attack: Cyber Security Agency Warns Banking Customers In India
outlookindia.com
2021-08-12T10:55:00+05:30

The Indian Computer Emergency Response Team (CERT), the country's cyber security agency, has warned in its latest advisory that scammers are targeting banking customers in India using a novel phishing attack to collect sensitive information such as internet banking credentials, mobile number and OTP to carry out fraudulent transactions.

The Indian Computer Emergency Response Team or CERT-In is the federal technology arm to combat cyber attacks and guarding the cyber space against phishing and hacking assaults and similar online attacks.

It said that the malicious activity is being carried out using the ngrok platform, a unique web application.

 "It has been observed that Indian banking customers are being targeted by a new type of phishing attack using ngrok platform."

 "The malicious actors have abused the ngrok platform to host phishing websites impersonating internet banking portals of Indian banks," according to the advisory issued by CERT-In on Tuesday.

Phishing denotes to the fraud when an attacker, masquerading as a trusted entity, tricks a victim into clicking evil links to steal passwords, login credentials and one-time password (OTP).

Using these phishing websites, the advisory elaborated, "malicious actors" are collecting sensitive information of the customers such as internet banking credentials, mobile number and OTP to perform "fraudulent transactions."

It said the phishing attacks have been seen to be triggered through SMSes containing links that end with ngrok.io/xxxbank.

The advisory explained this with a sample SMS.

"Dear customer your xxx bank account will be suspended! Please Re KYC Verification Update click here link http://446bdf227fc4.ngrok.io/xxxbank".

 Once a victim clicks on this URL (universal resource locator) and log in to the phishing website using internet banking credentials, the attacker generates OTP for 2FA or two factor authentication which is delivered to the victim's phone number.

"The victim then enters this OTP in the phishing site, which the attacker captures," it said.

Finally, the attacker gains access to the victim's account using the OTP and performs fraudulent transactions, the advisory said.

 The cyber security agency has suggested some "best practices" to nip these attacks in the bud, the most important being: "Look for suspicious numbers that don't look like real mobile phone numbers as scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number."

"Genuine SMSes received from banks usually contain sender id (consisting of bank's short name) instead of a phone number in sender information field."

It further suggested internet banking users to "only click on URLs that clearly indicate the website domain."

"When in doubt, users can search for the organisation's website directly using search engines to ensure that the websites they visited are legitimate," it said.

A specific check against such attacks is "exercising caution towards shortened URLs, such as those involving bit.ly and tinyurl."

"Users are advised to hover their cursors over the shortened URLs (if possible) to see the full website domain which they are visiting or use a URL checker that will allow the user to enter a short URL and view the full URL," it said.

Users can also use the shortening service preview feature to see a preview of the full URL, the advisory stated.

 It said bank customers should pay "particular attention to any mis-spelling and/or substitution of letters in the URLs of the websites they are browsing."

Some other counter-measures stated in the advisory are the often-repeated principles that are advised for safe browsing and accessing the internet.

"Install and maintain updated anti-virus and anti-spyware software, filtering tools (anti-virus and content-based filtering), firewall, and filtering services."

Update spam filters with latest spam mail contents, it said.

 "Customers should report any unusual activity in their account immediately to the respective bank," it said.

 "Phishing websites and suspicious messages should be reported to the CERT-In at incident@cert-in.org.in and respective banks with the relevant details for taking further appropriate actions," the advisory concluded.

(PTI inputs)

Advertisement

Outlook Newsletters

Advertisement
Advertisement
Advertisement

Read More from Outlook

Lament Of Separation: Songs Of Habba Khatun, Last Queen Of Kashmir, Still Echo In Valley

Lament Of Separation: Songs Of Habba Khatun, Last Queen Of Kashmir, Still Echo In Valley

In happy times and sad, Habba Khatun’s sensuous songs make both young and old emotional. With the never-ending conflict bringing tragedies to every doorstep, Habba’s lyrics of separation amplify their mourning.

How Indian Laws Govern People’s Right To Love And Live

How Indian Laws Govern People’s Right To Love And Live

In India, only those relationships between a man and a woman are considered to be legitimate when there is a marriage between the two.

Kohli Quits Test Captaincy, Leaves Leadership Vacuum

Kohli Quits Test Captaincy, Leaves Leadership Vacuum

Virat Kohli, 33, had recently stepped down as India's T20I captain and was subsequently removed as the ODI captain.

UP Elections 2022: How Congress Is Harnessing Power Of 'Persecuted' Women To Counter BJP

UP Elections 2022: How Congress Is Harnessing Power Of 'Persecuted' Women To Counter BJP

A Mahila Congress leader, who is the face of the ‘Ladki Hoon, Lad Sakti Hoon’ campaign, however, has accused the party of anti-women bias after she was denied a ticket.

Advertisement