The Ministry of Post and Telecommunications has warned the public about a new phishing scam in which a person receives an SMS or email with a fake bank domain name aiming to steal money from the victims’ bank account.
According to a notification made by the minister yesterday, in this scam, hackers send an SMS or email to the victims saying that their banks account “has been logged in through another platform”. It asks the victim to verify the account by clicking on a link with a domain name which is similar to the one used by the victim’s actual bank.
The link leads to a registration site where the victim is required to fill in their bank account numbers and passcode, which the hackers use to steal money from their bank account.
“Users must not click on or reply to any link or domain name in SMS or email. They must carefully inspect the website’s domain name to avoid giving out personal information to hackers,” the ministry said.
“In general, banks and other financial institution do not ask their customers to give them account numbers, passcode or OTP (One-time password),” it added.
The ministry has told people to contact their banks immediately if they think they have fallen for an internet scam.
- Tags: scam