You are here: Home » Economy & Policy » News » Demonetisation
Business Standard

Phishing website spoof 26 banks, including SBI, ICICI: US Report

In this phishing attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details.

IANS  |  New Delhi 

Banks see surge in card usage; demand jumps for PoS terminals

Researchers from US-based cyber security company have claimed discovering malicious websites created by cyber criminals that spoof 26 Indian to steal personal information from customers.

identified a new domain (csecurepay[.]com) that was registered on October 23 this year and appears to be an online payment gateway but actually is a website that leads to the capturing of customer information from 26 operating in the country, the company said in a statement on Thursday.

In this attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details. Once the information is collected, the website displays a fake failed login message to the victim.

The site served fake logins from 26 banks, including HDFC Bank, ICICI Bank, IDBI Bank, State Bank of India, among others.

This is how it works. When navigating to the URL, the domain appears to be a payment gateway and requests that the user enter their bank account number and the amount to be transferred. The victim is allowed to choose their bank from a list.

In the next step, the malicious website requests the victim to enter their valid 10-digit mobile number and email ID which makes the website appear more legitimate.

"The victim will then be redirected to the spoofed online banking page of the bank they selected and are requested to login," said.

After entering their login credentials, the victim will key in their OTP and once all the sensitive data is gathered, a fake failed login message such as "Some error occurred. Try after some time" will be displayed to the victim.

"Criminals follow the money and as more Indians embrace online banking, criminals followed them online. As the digital economy grows, consumers should be aware of the risks that accompany the convenience," noted Vishak Raman, Senior Director for India and Saarc at FireEye.

Using the registration details of this domain, security researchers identified a second domain (nsecurepay[.]com) registered by the same attacker in August 2016 and appeared to be created to steal credit and debit card information, including ICICI, Citibank, Visa and MasterCard and SBI debit card details.

"The ease of online payments opens new avenues for criminals to trick consumers into divulging their own sensitive banking information. The growing sophistication of these cyber criminal campaigns makes them harder for consumers to identify and firewalls and antivirus technology do not stop these attacks," Raman added.

said it has notified the Indian Computer Emergency Response Team (CERT-In), which is under the Ministry of Electronics and Information Technology, about the threat.

 

Phishing website spoof 26 banks, including SBI, ICICI: US Report

In this phishing attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details.

Researchers from US-based cyber security company FireEye have claimed discovering malicious phishing websites created by cyber criminals that spoof 26 Indian banks to steal personal information from customers.

Researchers from US-based cyber security company have claimed discovering malicious websites created by cyber criminals that spoof 26 Indian to steal personal information from customers.

identified a new domain (csecurepay[.]com) that was registered on October 23 this year and appears to be an online payment gateway but actually is a website that leads to the capturing of customer information from 26 operating in the country, the company said in a statement on Thursday.

In this attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details. Once the information is collected, the website displays a fake failed login message to the victim.

The site served fake logins from 26 banks, including HDFC Bank, ICICI Bank, IDBI Bank, State Bank of India, among others.

This is how it works. When navigating to the URL, the domain appears to be a payment gateway and requests that the user enter their bank account number and the amount to be transferred. The victim is allowed to choose their bank from a list.

In the next step, the malicious website requests the victim to enter their valid 10-digit mobile number and email ID which makes the website appear more legitimate.

"The victim will then be redirected to the spoofed online banking page of the bank they selected and are requested to login," said.

After entering their login credentials, the victim will key in their OTP and once all the sensitive data is gathered, a fake failed login message such as "Some error occurred. Try after some time" will be displayed to the victim.

"Criminals follow the money and as more Indians embrace online banking, criminals followed them online. As the digital economy grows, consumers should be aware of the risks that accompany the convenience," noted Vishak Raman, Senior Director for India and Saarc at FireEye.

Using the registration details of this domain, security researchers identified a second domain (nsecurepay[.]com) registered by the same attacker in August 2016 and appeared to be created to steal credit and debit card information, including ICICI, Citibank, Visa and MasterCard and SBI debit card details.

"The ease of online payments opens new avenues for criminals to trick consumers into divulging their own sensitive banking information. The growing sophistication of these cyber criminal campaigns makes them harder for consumers to identify and firewalls and antivirus technology do not stop these attacks," Raman added.

said it has notified the Indian Computer Emergency Response Team (CERT-In), which is under the Ministry of Electronics and Information Technology, about the threat.

 

image
Business Standard
177 22

Phishing website spoof 26 banks, including SBI, ICICI: US Report

In this phishing attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details.

Researchers from US-based cyber security company have claimed discovering malicious websites created by cyber criminals that spoof 26 Indian to steal personal information from customers.

identified a new domain (csecurepay[.]com) that was registered on October 23 this year and appears to be an online payment gateway but actually is a website that leads to the capturing of customer information from 26 operating in the country, the company said in a statement on Thursday.

In this attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details. Once the information is collected, the website displays a fake failed login message to the victim.

The site served fake logins from 26 banks, including HDFC Bank, ICICI Bank, IDBI Bank, State Bank of India, among others.

This is how it works. When navigating to the URL, the domain appears to be a payment gateway and requests that the user enter their bank account number and the amount to be transferred. The victim is allowed to choose their bank from a list.

In the next step, the malicious website requests the victim to enter their valid 10-digit mobile number and email ID which makes the website appear more legitimate.

"The victim will then be redirected to the spoofed online banking page of the bank they selected and are requested to login," said.

After entering their login credentials, the victim will key in their OTP and once all the sensitive data is gathered, a fake failed login message such as "Some error occurred. Try after some time" will be displayed to the victim.

"Criminals follow the money and as more Indians embrace online banking, criminals followed them online. As the digital economy grows, consumers should be aware of the risks that accompany the convenience," noted Vishak Raman, Senior Director for India and Saarc at FireEye.

Using the registration details of this domain, security researchers identified a second domain (nsecurepay[.]com) registered by the same attacker in August 2016 and appeared to be created to steal credit and debit card information, including ICICI, Citibank, Visa and MasterCard and SBI debit card details.

"The ease of online payments opens new avenues for criminals to trick consumers into divulging their own sensitive banking information. The growing sophistication of these cyber criminal campaigns makes them harder for consumers to identify and firewalls and antivirus technology do not stop these attacks," Raman added.

said it has notified the Indian Computer Emergency Response Team (CERT-In), which is under the Ministry of Electronics and Information Technology, about the threat.

 

image
Business Standard
177 22

Upgrade To Premium Services

Welcome User

Business Standard is happy to inform you of the launch of "Business Standard Premium Services"

As a premium subscriber you get an across device unfettered access to a range of services which include:

  • Access Exclusive content - articles, features & opinion pieces
  • Weekly Industry/Genre specific newsletters - Choose multiple industries/genres
  • Access to 17 plus years of content archives
  • Set Stock price alerts for your portfolio and watch list and get them delivered to your e-mail box
  • End of day news alerts on 5 companies (via email)
  • NEW: Get seamless access to WSJ.com at a great price. No additional sign-up required.
 

Premium Services

In Partnership with

 

Dear Guest,

 

Welcome to the premium services of Business Standard brought to you courtesy FIS.
Kindly visit the Manage my subscription page to discover the benefits of this programme.

Enjoy Reading!
Team Business Standard