Shreshta Threat Intelligence has uncovered a sophisticated phishing scam targeting HDFC Bank customers. The phishing websites crafted by the threat actors is visually perfect unlike the Phishing Campaign targeting State Bank of India users
The phishing websites replicate the structure of the legitimate HDFC Bank website. This makes it extremely difficult to identify the scam websites.
The visually perfect HDFC bank phishing campaign
Video 1 – Shows the visual comparison between the legitimate HDFC Bank website and the phishing website
Motive
The motive of the threat actors is to harvest the user’s Internet banking credentials.
Sophisticated phishing scam
Figure 1 – The phishing website prompts the user to enter their Internet banking credentials
The phishing website replicates the structure of the legitimate HDFC Bank website. This makes it extremely difficult to identify the scam websites.
Figure 2 – This page prompts the user to enter their “Password/IPIN”
Figure 3 – After entering the credentials, the user receives an error message indicating that the provided credentials are invalid.
Newly Registered domain names
The domain names of this phishing campaign have been registered in the last two weeks. Newly registered domains can be a potential security risk for organisations. They are often used to host phishing, malware, and other malicious content. Shreshta Threat Intelligence detects and tracks newly registered domain names as soon as they are registered online.
Safety Recommendations
- An SMS/email/Whatsapp message with a tone of urgency should be dealt with with extreme caution. This is true, especially in the case of any message from the bank.
- Always reach out directly to the bank and verify suspicious messages/emails before taking any action at your end.
- If you become a victim of cybercrime, particularly financial crime, call the national (India) cybercrime helpline 1930 or file a complaint at https://cybercrime.gov.in/
- Shreshta Protective DNS blocks phishing, malware, newly registered domain names and other malicious communication in real-time. For enterprises, please email info@shreshtait.com for a free 30-day trial.
Conclusion
With the growing cyber threat landscape, threat actors continue to operate phishing campaigns at scale and it’s important to stay vigilant and not fall prey to phishing scams.
Get free access to Newly registered domain names (NRD) community feeds
Newly registered domain names or recently registered domains can be a potential security risk for organisations. They are often used to host phishing, malware, and other malicious content.
By monitoring or blocking NRDs, enterprises can eliminate the risk of cyber threats posed by NRDs.
Get no-cost access to our newly registered domain names(NRD) community feeds.
Download the free NRD community feeds
Free 30-day trial of our threat intelligence
Threat actors constantly optimise and evolve their attacks to steal credentials and data and infiltrate networks. Our threat intelligence feeds are highly actionable and curated to protect against phishing, malware, C2 and newly registered domain names.
Interested? Please send us an email to sales@shreshtait.com for a free 30-day trial.
