An Android SMS forwarding malware is then downloaded to the victim's devices after the phishing site has obtained their banking credentials and personally identifiable information (PII).
Digital Desk: Phishing sites are being used in a new phishing
campaign that targets Indian banking customers in order to gather victims'
banking credentials and personally identifiable information (PII). An Android
SMS forwarding malware is also downloaded to their devices after the details
are stolen. Several domains using the same template were found by CloudSEK's
Threat Research and Information Analytics, which made this discovery.
Veterans of the financial world frequently advise people to avoid
anything they are unsure of. Unfortunately, there is no such warning in
cyberspace; generally, people ignore such warnings and lose money. It's
understandable that con artists would try to trick and con people. This week, I
will explain two techniques con artists use to steal your hard-earned cash. The
first is a payment link scam, which is not brand new but keeps cropping up from
time to time. Second, the fraudsters' method of operation includes
automatically installing mobile malware via links and SMS forwarding apps.
In both scams, the con artists pose as someone else, such as a
bank representative or a customer service representative from a service
provider, to establish contact. They might call, text, or use social media to
get in touch. These con artists frequently request personal information from
the victim or have them click on an online link to confirm information.
Scam Payment Link
Aman Sandhu, a well-known television actor who has appeared in
shows like Savdhaan India and Crime Patrol, lost money due to a payment
link scam.
According to a Times of India report, seven fraudulent fund
transfers totaling Rs 2.05 lakh were made from three of her bank accounts
(ToI).
The transactions took place shortly after she mistakenly clicked
on a WhatsApp link to set her mother's doctor's appointment for July 6, 2022.
Through her bank accounts, the actor had enabled the WhatsApp payment feature.
The actor lost the money within 20 minutes of receiving and
clicking the link, according to information provided to the newspaper by
Goregaon police.
According to a study titled "Tackling India's Financial Cyber
Crimes" by Deepstrat and The Dialogue, payment gateways typically offer
the pay via links feature, which allows display names and logos to be modified.
This enables a fraudster to create a payment link in their own name even though
their own bank account number is used as the destination account number.
Scammers are Using Links and SMS Forwarding Apps to Con Bank
Customers.
Cybersecurity company CloudSEK has discovered a fresh phishing
campaign that uses SMS forwarding apps and a link to file complaints to target
Indian banking customers. An Android SMS forwarding malware is then downloaded
to the victim's devices after the phishing site has obtained their banking
credentials and personally identifiable information (PII).
CloudSEK discovered a number of straightforward online complaint
portals that cater to Indian banking customers with domains like
online-complaint.comor customer-complaint.com. Many websites, including secure accounts.in and accountsecureverify.com
(online-complaint.accountsecureverify.com), employ the same operating system
and share identical templates.
The scammer contacts the client while posing as a bank executive
and shares a link to the fake complaint portal. In order to receive a
"refund" for the "failed transaction," the "bank
executive" also requests that the customer enter their complaint type
along with other private financial data like their card number, CVV number, and
expiration date.
Customer Support Srvice.apk, a malicious customer support
application, downloads to the victims' devices as they are filling out the
form. All incoming SMS messages are sent to this malicious app's command and
control (C2) portal, online-complaint.com.
By using SMS forwarding, the malware enables fraudsters to obtain
other sensitive data, such as one-time passcode (OTP) or two-factor
authentication (2FA) verification codes.
Once these con artists have access to your SMS and all of your
bank account or credit card information, they can easily withdraw money from
your account.
How Being Alert Saves Money
In a blog post, Tejas Balapalli described how scammers tried to
trick him into buying tickets to Varanasi on via.com. He tweeted a message
after running into a problem while making a reservation. He was about to get a
call. He was informed by the caller that via.com transactions are handled by
HDFC. He was asked to send a pre-written SMS to HDFC UPI during the
conversation and enter his card information via a survey money link. However, these instructions served as a reminder, and he cut his credit limit on his card to just Rs 1 more than he had already spent.
The fraudster then instructed him to download and install an SMS
forwarding app, which he did. He then added the fraudster's number to the app
so that it could receive all of his SMS. The fraudster then immediately started
a transaction from his card for Rs 24,774.96. The transaction, however, was
unsuccessful because Tejas had set a limit on his card payments.
Tejas avoided falling for the scammers' payment link and SMS
forwarding app by being watchful and playing shrewd. Go here to learn more
about this.
WhatsApp Fake or Modified
WhatsApp's CEO, Will Cathcart, has urged users not to use modified
or fake versions of the service that are advertised online under different
names. He claims, "Our security team recently found hidden malware in apps
from a developer called "HeyMods" that was distributed outside of
Google Play, including "Hey WhatsApp" and other apps. "These
apps advertised new features but were really just a way to steal people's
personal data from their phones."
The security community is constantly coming up with new strategies
to stop the spread of mobile phone malware, he continued.
Simply put, never click on a link you receive from an unidentified
person or organization or divulge your financial information. Additionally,
never look up contact or customer service numbers online, particularly those of
banks and credit card companies.
Stay Alert and Safe!
It is best to go to a bank or credit card company's official
website, locate their customer service numbers, and then contact them solely at
those numbers or via email if you have any complaints.
If an unknown caller asks you to visit a website or click on a
link that was sent to you via message (SMS or email), do not comply.
Do not download any apps, as the caller advised.
Never forget that your bank and credit card provider has access
to all of your personal information. This means they would never ask you
to give them your personal information over the phone, by email, or online.
To protect yourself from viruses, malware, ransomware, and remote
access, use a high-quality anti-virus program (many free apps offer good
protection).
Continue Reading
