As per a Delhi based think tank, SBI customers have confronted phishing scam and in it the hackers sent suspicious text messages and requested customers to redeem their SBI credit points totaling to Rs. 9870, reported IANS.
The message link took the customers to an illicit portal and asked customers to furnish confidential credentials such as expiry date, CVV, card number, Mpin in a 'State Bank of India Fill Your Details' form. After the form is submitted, the user is directed to a "thank you" page.
Also, the probe found other suspicious elements which suggested that this was completely a phishing attack. Say for instance, personal information was taken with no validation. The registered mobile number data also accepted alphabets and other input which should otherwise be accepting only numeric data.
Besides, the card number accepted more than 16 digits. So, the foundation stressed that lenders like SBI do not use WordPress like CMS technologies for safety reasons. The think tank also pointed that the illicit website collected the data directly and was registered by a third party and not SBI. It claimed website's domain name has been traced to Tamil Nadu.