Researchers from the United States-based cyber security company FireEye claimed to have discovered malicious phishing websites created by cyber criminals who are planning to spoof 26 Indian banks to steal personal information from customers.
FireEye recognised a new domain (csecurepay[.]com) that was registered on 23 October this year. It appears to be an online payment gateway, but actually is a phishing website that captures customer information from 26 banks operating in the country.
In this phishing attack, the victims are asked to enter their account number, mobile number, email address, one-time password and other details. Once the information is collected, the website displays a fake failed login message to the victim.
The phishing site served fake logins from 26 banks, including HDFC Bank, ICICI Bank, IDBI Bank and the State Bank of India, among others. FireEye said it has notified the Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, about the threat.
With inputs from IANS