The Indian Computer Emergency Response Team (CERT-IN) has issued a warning informing the new scam in the house which is targeting Indian banking customers. The CERT-IN agency noted that the cybercriminals are posing as banking professionals and targeting customers with a new type of cyber-attack. It uses ngrok platform that carried out your sensitive and confidential information, such as one-time passwords, Internet banking credentials, phone numbers and more.
CERT-IN says that “It has observed that Indian banking customers are being targeted by a new type of phishing attack using ngrok platform. The malicious actors have abused the ngrok platform to host phishing websites impersonating the internet banking portals of Indian banks. Using these phishing websites, malicious actors are collecting sensitive information of the customers like Internet Banking credentials, mobile number, One Time Password(OTP) etc. to perform fraudulent transactions.”
How Spammers Trap Banking Customers?
Also, the agency explained how this phishing attack is being carried out to steal customer’s sensitive information. Security agency issued an advisory stating that banking customers get SMS embedded with phishing links that end with ngrok.io. The message is quite similar to “Dear customer your xxx bank account will be suspended. Please Re KYC Verification Update. Click on the link…”
It is very much likely that users may click on such links as it includes alarming messages that you barely ignore. Once a user clicks on the given URL, they log in to the phishing website. Then, it generates an OTP that is delivered to the users’ phones. After this, a user is asked to enter the given OTP in the box. In the end, the attacker gets hold of the OTP and bypasses the 2FA to make fraudulent transactions. The CERT advisory suggests users be very cautious of such fraudulent messages and emails. Don’t pay attention to such emails and messages.