New Delhi | Jagran Technology Office: As much as digitization has made our lives easier and saved us time, the number of digital frauds has also increased thereafter. The government has from time to time made the population aware of digital counterfeiting. CERT-In, a government agency under the Ministry of Electronics and Information Technology (MeitY), has informed people of scammers who collect sensitive information such as internet banking credentials, telephone number cell phone and OTP to conduct fraudulent transactions. These activities are carried out using the ngrok platform (cross-platform application)
“It has been observed that Indian banking customers are being targeted by a new type of phishing attack using the ngrok platform,” CERT-In said, quoted by Times of India.
“Malicious actors have abused the ngrok platform to host phishing websites masquerading as online banking portals of Indian banks,” according to the notice published Tuesday by CERT-In.
Hackers claim in messages sent to customers that if the KYC is not updated, their bank account will be suspended. For this, hackers send the link http://446bdf227fc4.ngrok.io/xxxbank and by clicking on the links, customers are asked to enter their online banking details as well as the OTP. As soon as the victim enters the OTP on the phishing site, the hacker captures them and can easily access the victim’s account and make money transactions.
The government continually asks citizens to be very sure of the site where they fill in their bank credentials, as there is more chance of losing money due to these bank frauds.
Do not click on these links
http: // 1a4fa3e03758. ngrok [.] io / xxbank
http: //1e61c47328d5.ngrok[.]io / xxxbank
Please note that it may contain your bank name instead of XX. While full-kyc.php can also be written in the last of the name.
Posted by: Mallika Mehzabeen