SBI Bank Customer Alert: As most of the financial transactions have become online, there has been a sharp rise in the number of cybercrimes happening across the globe. In recent times, the banks have asked their customers to follow safe practices while transacting online. The banks are also asking the customers not to share One-Time Password (OTP) or click on dubious links that might be a part of a scam. In such online scams, SBI bank customers are being targeted by Chinese hackers.Also Read – Aadhaar Card Update: You Can Avail These Aadhaar Services With No Help of Internet | Step-by-step Guide Here
The scams are increasingly happening across the country as the hackers are targeting SBI customers in the name of KYC verification, a report by CyberPeace Foundation and Autobot Infosec stated. Also Read – Aadhaar Card Update: Want to Change Your Phone Number? Step-by-step Guide Here
Part of the scam, these hackers first send an SMS or a WhatsApp message asking customers to update their KYC via a link in the message. After clicking on the malicious links, customers are asked to update their KYC details. Moreover, the customers also receive email regarding the same from the hackers. Once you click on the link, it will redirect you to a web page that looks exactly like the original SBI website. On these fraud websites, the customers are asked to share their SBI banking details such as username, password, and captcha information and others. After they enter all their details, then they receive an OTP from the bank. After using the credentials and OTP, these hackers transfer money from your account. Also Read – OTP Not Coming Today? Full List of Banks, Other Firms Whose Customers May Face OTP Problem from April 1
The research wing of New Delhi-based think tank CyberPeace Foundation, along with Autobot Infosec Pvt Ltd, studied two such incidents on the name of SBI that were faced by some smartphone users. “All the domain names associated with the campaign have the registrant country as China,” the research team said.
The research team came to a conclusion that the campaign is pretended to be launched from State Bank of India but hosted on the third-party domain instead of the official website www.onlinesbi.com, which makes it more suspicious.
The researchers recommend that people should avoid opening such messages sent via social platforms. “The URL manipulation showed that the web server has directory listing enabled and found other links visible which proves that not only the SBI users, IDFC, PNB, IndusInd and Kotak bank users are also targeted by the same type of phishing scam,” the team noted.
