SBI Alert: Clicking on links for KYC can get you hacked

July 10, 2021 Finance Talk Valli Sarvani No comments

With the increasing number of digital transactions in the country, there is also an increase in the number of potential scams that can happen. Especially with the coronavirus pandemic, more people are opting for cashless transactions.

As people are using the internet for financial transactions, it is imperative to be safe while performing them. Many banks tell their customers not to click on suspicious links or share OTP with others.

A new scam has started by Chinese hackers. SBI customers are being targeted in this scam. The hackers are using the guise of KYC verification and are sending “verification links” to unsuspecting victims.

Customers will receive an SMS or a WhatsApp message telling them to update their KYC details. A link will be provided to do the updates. If the customers open the link, they are asked to provide their details. To make the scam look more legitimate, the hackers are also sending an email at the same time.

These links lead to phishing sites that look exactly like the official SBI website.

If unsuspecting customers end up sharing their personal details like username or password, they will become victims of this scam and lose their money.

Two such incidents have been studied by the research wing of New Delhi CyberPeace Foundation along with Autobot Infosec Pvt Ltd. The domain names used in this scam campaign have been registered in China.

Even though SBI users are being targeted in this scam, the research team has found that the hosting web server has directory listing enabled and found other links and that it was not just limited to SBI users. Other banks targeted in this phishing scam include IDFC, PNB, IndusInd and Kotak bank.

Image Credit: sushanta mohanta sindrani / CC BY 3.0, via Wikimedia Commons

Source: https://web.archive.org/web/20161017124312/http://www.panoramio.com/photo/48255145