SBI account holder? Hackers are targetting you online, just don't make this big mistake | Tech News

SBI account holder? Hackers are targetting you online, just don't make this big mistake

SBI account holders are being targetted online by sophisticated Chinese hackers who have launched phishing attacks to steal money.

By: HT TECH
| Updated on: Aug 21 2022, 18:30 IST
SBI account holders can stop these hackers phishing for their money by showing more awareness.
SBI account holders can stop these hackers phishing for their money by showing more awareness. (MINT_PRINT)
SBI account holders can stop these hackers phishing for their money by showing more awareness.
SBI account holders can stop these hackers phishing for their money by showing more awareness. (MINT_PRINT)

If you are an SBI account holder, then beware! You are being targetted online by Chinese hackers and you could even lose your money. Phishing scams have been increasing and in the last couple of months, numerous reports have detailed new and innovative means that these scammers are using to dupe innocent people into giving up their financial credentials that ultimately leads them to lose their money. Just such a scam is targeting State Bank of India (SBI) customers and they need to know how to stop these hackers.

How they are doing it

As per reports, Chinese hackers are targeting SBI customers with phishing scams wherein they are asking them to update their Know Your Customer (KYC) details. In some cases, hackers are also sending messages to SBI customers offering free gifts for updating their KYC details.

Also read: Looking for a smartphone? Check Mobile Finder here

To ensure you do not lose your money, you must not click on these messages nor do what they are asking. If you do, you may suffer the consequences.

The method used

Delhi-based think tank CyberPeace Foundation and Autobot Infosec have together studied two incidents wherein the hackers targeted SBI customers. In the first case, customers got a text message requesting KYC verification. On opening the link, customers land on a page that resembles the official SBI online page. When they click on the ‘Continue to Login' button, they are redirected to a page that asks them about confidential information such as username and password along with a captcha code.

"Following this, it asks for an OTP sent to the user's mobile number. As soon as the OTP is entered, it redirects the user to another page that asks the users to enter some confidential information again like account holder name, mobile number, date of birth. After entering the data, it redirects the user to an OTP page," researchers told IANS.

In the second case, hackers are sending a WhatsApp message containing a link to the customers luring them with free gifts worth up to 50 lakhs.

Upon investigation, researchers have concluded that while the campaign is pretending to be by SBI, it is being hosted by a third-party domain.

URL manipulation

The research team came to the conclusion that the campaign is simply pretending to be from State Bank of India but it is hosted on a third-party domain instead of the official website www.onlinesbi.com, which makes it more suspicious.

"The URL manipulation showed that the webserver has directory listing enabled and found other links visible which proves that not only the SBI users, IDFC, PNB, IndusInd and Kotak bank users are also targeted by the same type of phishing scam," the researchers added.

SBI hasn't reacted to the matter as yet.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 07 Jul, 23:40 IST
Tags:
NEXT ARTICLE BEGINS