Shrestha IT Technologies Private Limited, based in Belagavi, detected a significant online scam targeting users of the State Bank of India (SBI). The threat intelligence team discovered a phishing scam, with a large part of the fraudulent website using images from the official SBI site. The phishing site mimics the login process, redirecting users to a deceptive login page.
Notably, various functionalities on the phishing site, such as image CAPTCHA, audio CAPTCHA, new user links, and forgot username/password links, are placeholders and non-functional. The scam prompts users to provide sensitive information, including account details, OTPs, PAN, and Aadhaar information. The phishing website imitates the verification process but eventually times out.
Shrestha IT Technologies urges caution and verification before responding to urgent messages related to financial institutions, advising users to contact the bank directly to verify any suspicious communication. The company has also developed tools to identify and address such cybersecurity issues in real time.