Alert! This new scam is targeting Indian banking customers
The CERT-IN (Indian Computer Emergency Response Team) has issued a warning about the new scam that is targeting Indian banking customers. The security agency said that the cybercriminals are posing as banking professionals and targeting customers with a new type of phishing attack using ngrok platform."
It has been observed that Indian banking customers are being targeted by a new type of phishing attack using ngrok platform. The malicious actors have abused the ngrok platform to host phishing websites impersonating the internet banking portals of Indian banks. Using these phishing websites, malicious actors are collecting sensitive information of the customers like Internet Banking credentials, mobile numbers, One Time Password (OTP) etc. to perform fraudulent transactions," CERT-IN has noted.
The security agency has explained how a phishing attack is carried out to steal users sensitive information. Customers may get SMSes embedded with phishing links that end with ngrok.io. A message like, "Dear customer, your xxx bank account will be suspended. Please Re KYC Verification Update. Click on the link.." are sent to users.
More often a user falls for such alarming messages because you rarely check the sources or observe the details. Most users try to do is fix the issue before they lose their account.
So when a user clicks on the URL shared with the message and login to the phishing website using their internet banking credentials. The scammer generates OTP which is delivered to the users' mobile. When a user enters the OTP on the phishing website, the scammer gets hold of the OTP and bypasses the 2FA to make fraudulent transactions.
CERT-in has asked users to be extremely cautious of such emails or messages, in the advisory. Note, the messages that the banks actually send contains a sender ID, which is generally the bank's short name. Whereas, in messages sent by scammers, you would not find a user ID but a phone number that does not seem genuine. Pay attention to the sander's language, the messages are usually grammatically incorrect and are not written in a proper format. No bank will ever send such poorly drafted messages to its customers.
You should be cautious while opening email attachments that do not seem genuine. Contact your bank directly, if you are unsure about something.