Indian Computer Emergency Response Team or CERT-IN A new scam has been issued to all citizens living in the country. This warning is about bank fraud. The security agency noted that hackers are showing up as bankers, claiming that consumers are victims of a new type of phishing attack. For this purpose pundas are using ngrok platform. Phishing attacks are being conducted to obtain sensitive information about users’ internet banking credentials, one-time passwords, phone numbers and more. CERT-IN observes that Indian banking customers are victims of a new type of phishing attack using the ngrok platform. By using these phishing websites, fraudsters are stealing customers’ sensitive information and clearing their accounts in real time. Let us tell you how you can avoid this fraud:
Read on
This type of message is written in a fraud message
The security agency also said that phishing attacks are methods to steal user sensitive information. Advisors say customers usually receive an SMS containing phishing links that end with ngrok.io. The SMS reads: “Dear customers, your xxx bank account will be frozen. Please do a KYC verification by clicking the link below. Click the link.” Some such messages are sent to the user. Most people click on such messages because when you get this kind of dangerous message, you rarely check the source or pay attention to the smallest details. It is very easy for a fraudster. Let’s do it.
This is how to cheat with customers
When users click on the URL provided with the message and log into the phishing website using their Internet banking credentials, the fraudsters generate OTP, which is then delivered to the user’s phones. Users access the OTP on the website, which is captured by a hacker. Finally, the hacker captures the OTP and transmits it to 2FA for fraudulent transactions.
Also read: – If you don’t like the photo in Aadhaar, follow this easy way to change the photo without any hassle.
Keep these things in mind to avoid fraud
As a suggestion, CERT-In has asked users to be very careful about such emails or messages. Notably, messages sent by banks actually contain a user ID, which is usually the bank’s short name. However, in a fraudulent message, you do not get a user ID but a phone number that does not look like the original number. Sent in fraud messages are usually grammatically incorrect and cannot be written using the correct language. No good bank sends such poorly formatted messages to its customers.
You have to be careful when opening email attachments that don’t actually look like it. If you are unsure, contact your bank directly. Users are more likely to fall for such messages because when you receive such a warning message, you rarely check sources or pay attention to details. Most people try to fix the problem before they lose their account.
