Hackers target SBI (State Bank of India) customers with a phishing scam where hackers have flooded them with suspicious text messages.
Hackers target SBI (State Bank of India) customers with a phishing scam where hackers have flooded them with suspicious text messages.
According to the probe, hackers targeted SBI users by sending text messages herein they requested them to redeem their SBI credit points worth Rs 9,870.
The message’s link redirects the bank customers to a fake website and asks users to submit personal information along with sensitive financial details like card number, expiry date, CVV and Mpin in a`State Bank of India Fill Your Details ’ form.
After the form is submitted, the user is directed to a “thank you” page.
According to an investigation by CyberPeace Foundation, personal information included name, email, registered mobile number, email password and date of birth. The website collects data directly without any verification and is registered by a third party instead of having the registrant organisation name of State Bank of India, making it all the more suspicious.
"The domain name of the website can be traced to India, and the registrant state was found to be Tamil Nadu," the report mentioned
“The email password field shows the entered password in clear text instead of keeping the characters hidden. A similar source code observation is noted," it added.
“The card number field accepts an infinite number of digits instead of only 16 digits, which SBI cards usually have. All these instances of negligence clearly indicate bad coding practice," the foundation said.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?