{"id":4406,"date":"2023-12-01T07:37:22","date_gmt":"2023-12-01T07:37:22","guid":{"rendered":"https:\/\/shreshtait.com\/blog\/?p=4406"},"modified":"2024-02-14T18:27:18","modified_gmt":"2024-02-14T12:57:18","slug":"phishing-campaign-targeting-state-bank-of-india-users","status":"publish","type":"post","link":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/","title":{"rendered":"Phishing Campaign targeting State Bank of India users"},"content":{"rendered":"\n<p><a href=\"https:\/\/shreshtait.com\/\">Shreshta Threat Intelligence<\/a>\u00a0has uncovered a massive phishing campaign targeting State Bank of India users.\u00a0<\/p>\n\n\n\n<p>State Bank of India (SBI) is an Indian multinational public sector bank and financial services statutory body headquartered in Mumbai, Maharashtra. SBI is the 48th largest bank in the world by total assets and ranked 221st in the Fortune Global 500 list of the world&#8217;s biggest corporations of 2020, being the only Indian bank on the list.<a href=\"https:\/\/en.wikipedia.org\/wiki\/State_Bank_of_India\"><sup>1<\/sup><\/a><\/p>\n\n\n<h2><strong>State Bank of India users have been a common prey of phishing attacks<\/strong><\/h2>\n<p>The phishing campaign is targeting\u00a0 State Bank of India users. This campaign involves sending phishing URLs to users via various channels such as email, SMS and WhatsApp.\u00a0<\/p>\n<p>\u00a0<\/p>\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>The phishing websites are lazily crafted, containing images from the official login page of State Bank of India website. We believe the phishing websites are specifically designed for mobile banking, as evident from the structure and design of the website.<\/p><p><br><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><\/p>\n<h2><strong>Motive<\/strong><\/h2>\n<p>The motive of the threat actors is to harvest the Personally Identifiable Information (PII) of the user, specifically, the user\u2019s Internet banking credentials, Aadhar Card number, PAN card number and date of birth.&nbsp;<\/p><p><br><\/p>\n<p><\/p>\n<h2>State Bank of India Phishing campaign Technical Analysis<\/h2>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><strong>Phishing websites impersonating State Bank Of India<\/strong><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/PuN3UVJSJeKxfmvdJnG1NBybQDpleJ5_06J8hwnt58HytWVdtz92smtK210AH0osapj8dkGKVjPJx_T9jq2ScI9MDYbxA9njm8Lx62_VMHclmM0TbfL2jO81SdkOEbzQTSpPEfkE8VbUMQKRzHKgeeY\" alt=\"\"><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 1 &#8211; Screenshot of the phishing website impersonating State Bank of India.<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>Notably, a large part of the phishing website has been developed by using images from the official website &#8211; https:\/\/www.onlinesbi.sbi\/<\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/PK7BB9N_CW5C-csCEapHNL5-Bcb21fRjYU8e6sH7RFp-Z8mTWw7cBAtrXluLb-UEjqvOIdvVQcTsw_XwK1CYuAwyQef2TnUhjM-cgm6H_FrnBD6WzFfeZiWmaBfKcq85Zw_yKGQG56GL3PGUSVavq0o\" alt=\"\"><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 2 &#8211;&nbsp; The SBI logo and the settings menu are included as an image.<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/QdNZOZg4kkEgj7JVM8ZfaMNmyjXSKVZCQO1XZbyiDTvENxLBX16erjGptW3_ZSWRidjzDy9kWsQV1OhBO-v_M45XmgnuZ9_en61geMZSLveCrxA5qNEvXv2khC7dRmVizAsADmVK8XXt9ZtkEQMryCc\" alt=\"\"><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 3 &#8211; Security instructions included in the phishing website are also in the form of an image<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>After clicking on the \u201cContinue to Login\u201d button, the user is redirected to a login page.<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/vDrwdPVxjkOWhEFuleYGYVlRl2y2DqHBo38ZT8HG_Sup-aoKC5PCqYtJnzgo_Bjvr8nbpKE7erLkrYOdAjpXU6muBLrT15ZClLxgRoi5-IoLQC6-LWr1j11iI3g3pnc1NnFGHVc51q9DNeOlzBJaJD0\" alt=\"\"><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 4 &#8211; Screenshot of the login page on the phishing website&nbsp;<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/dRe3_6sbxdXZm_QHGPBI05YRz2mqE10CQD57C0meGaXY9iKrhB0gDd1PDhpp1G3zc7OLvNQHaG9q51I6q5jBQ-pee865YxnoihnLVr8fhgPqRyYbLpht8aFz5WGc_T6wCDpV6arYexEMzNu9iJIjYTA\" width=\"339\" height=\"209\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/xK91Y2kRKBwmt02-wYIqVDxV361IhW8-gc4ipdX1Em5Sg9qBQsMjlV7y-SQUNKDf7wpljs_tOmprPUGJixGozczLevBC44sLJpPGS02Wtet1G53Rl7r3NFXzWca66DGjAjaIWxcnJB_XkilieqRMUWM\" width=\"340\" height=\"209\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 5 &#8211; The Image CAPTCHA (image verification)Captcha and the Audio CAPTCHA don\u2019t work since they are mere placeholder images<\/i><\/p>\n<p><i>&nbsp;<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/zJ4mKFZkHIz6E12j-4PUfsljhFwPghm1aaEvt0nDPY2sj7y2l7RT1IfIpA35ce2HQYR1k4hH6ULXGl7-CztiENPBAKKnjHvXgwj8vPVOfmPr9hoc__IdyuYd62cAoL1RwsmqOZO0NFfaUez_3fa6tz8\" width=\"339\" height=\"208\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/YyEXsc1yGnJ0g-g6QXw5D8X2vAPb6Q_NPXtpzCxwnDRPIcHYrzm7yX7GFunLXSRAyX_LwQncUdbfZx_sFqGCy1MZ9p5C3C_kzOtl-UZ1RsJMsQknmyrWhW6RRfbHrovnJqEzTRj22T8RCcPF8_DtutY\" width=\"340\" height=\"208\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 6 &#8211; New User and Forgot Username and Password links don\u2019t work because they are placeholder images&nbsp;<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>After the user submits their internet banking login credentials, the user is redirected to the OTP request page.<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/TOoreU-1WfGsFkqlpLPrpf-arJUDLCRjUYwPigB1T8Q6ImzzdohmehcGoCrC_xyhuGMJJPiTuq-evFVaGseR-V-dyfCubO984_5TkHnmgA3kuXRkQMRXVM83BMPfr3P2jvS8zLj4N1jgQksE2Msmj1U\" alt=\"\"><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 8 &#8211; Image screenshot of the OTP page.<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<figure><i><img decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/gaDbFcR1-1ckRTnsXEg9ldYSUlBmE0HRS0ZZEB7zVYK0oM_0av3Yn6MigSrr4EsaAlMTTnUNaI54N2a1KZjOCK6KjjIWT4B_yGGGaQHxj0qD0kdFj_DM8j_lSXM-IuHva-tfED0vUQjzEhYPBxTDpTw\" alt=\"\"><\/i><\/figure>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 10 &#8211; The \u201cClick here to resend the OTP\u201d is an image<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<ul class=\"wp-block-list\">\n<li style=\"list-style-type: none;\">\n<ul>\n\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/M5kQ_JYuTq-LC-Rb9JgbG397zYGeeGNydLZbHRiGjVbi3utt80rhaOgVCzEB9Nu9NfWMihqPAKrJJu7L1gJVpz3nFUsVpBEx4P-0sl6bUdm6PtLanGFQch_Ye6B_XWeuR_-h6EIJbwCuLMiGV1mql-w\" width=\"624\" height=\"570\"><i>Figure 11 The phishing page prompts the user to enter their account holder name and date of birth.<\/i><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/GFIp7nl0_N3XmbXQ3G7H4onaXtD04_uNYHkEL4WlPt2UlQnWhlb5Da_YEWH6bHaCBApyXyBo43KoMUnAuSDr04iKdsw6oHtuHUWdIYBF_lvOwJ2f-1wOvnhSdqMawapjCLvmnCq7g7pcXQrvwJ0njCw\" width=\"576\" height=\"633\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 12 &#8211; After the user enters the account holder name and the date of birth, an OTP page is presented to the user<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/2qNQG-ukGEigkREEoVgJzi9FyFS8e7cGp2zQdXP4gJWpP9KLkhhYd1EOjQtlWXXIrk3g3AphxHeaJyaRQaPvING6-Aq08Fj3qB5u2r6O65Rw0AGXdNgmYvo_y4oyPByQ0pRW4fcGto0UfZLnMjqIsgI\" width=\"565\" height=\"438\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 13 &#8211; The phishing website then redirects, prompting the user to enter their full name as per their PAN card and their PAN card number<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/QvNJd4SiXewm6Y9vp268TvJ-TuWzIaCHs2s9LvOuorcz4u9E_AipoM2M4BZZVmY7Cng7Mzxm58gZDtHSvfrWW7mbMP3pDs7J6t2yhh4PVMnXr-WrKjKxilheANFZJhGRiXERTPDsHS8ORItDis6-bho\" width=\"514\" height=\"617\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/yo0Z_Kprx_ebaA5wxhUntvJQ9ThRNj1uFcbMq8ZTVDJD4KgGIDDdcqECCXxN-DW2dnyRbogkPrlivNq8GR4LhvQRJyJpDXawEYOii8YKLLQYCacTzk4JHl5X8TBg6XtTsknqEAyeTN5yRZ05R0UNnHA\" width=\"565\" height=\"521\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 15 &#8211; The page prompts the user to enter their Aadhaar number and their full name as per the Aadhaar card.<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/o_1Tz1y-FlazkMk3yHylO2WWEXyGnFH7hkOe4bCfk9Gyt4YLkdzyS1fA2wjOMapPv8Tm5N-0gE7BF23u7spjFhM5QDkwbiwCjg0_tI3rQvVfpM2IhHB78MUEvPNwm3ILH7hyB9Hvt3ImR2X41_LOPxU\" width=\"550\" height=\"552\">&nbsp; &nbsp;<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><i>Figure 16 &#8211; This page prompts the user to enter the OTP&nbsp;<\/i><\/p>\n<p><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p>\n\n\n<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lh7-us.googleusercontent.com\/fhouxue8HBp7k_K7N0JVqPFRa622Xf_uzlfiVty4g7K3uUB0Wtrj3lfhFK18m33779Zik4Ke1mJmh_puL2COWnb1UPAuHIy0yoiV5gYaYH5Cf9IfUJxyG8pcKjn-bzxU3A5uV9O6LG6vrKPSIHto1NI\" width=\"566\" height=\"319\"><\/p>\n<p>\n\n\n<\/p>\n<p>\n\n<p><i>Figure 17 &#8211; After submitting the OTP, the phishing website indicates that it is verifying the details, but after some time it times out.\u00a0<\/i><\/p>\n<p><i>\u00a0<\/i><\/p>\n<h2>Safety Recommendations<\/h2>\n<ol>\n<li>\u00a0An SMS\/email\/Whatsapp message with a tone of urgency should be dealt with with extreme caution. This is true, especially in the case of any message from the bank.\n<p>\u00a0<\/p>\n<\/li>\n<li>Always reach out directly to the bank and verify suspicious messages\/emails before taking any action.\n<p>\u00a0<\/p>\n<\/li>\n<li>If you become a victim of cybercrime, particularly financial crime, call\u00a0 the national (India) cybercrime helpline 1930 or file a complaint at <a href=\"https:\/\/cybercrime.gov.in\/\">https:\/\/cybercrime.gov.in\/<\/a>\n<p>\u00a0<\/p>\n<\/li>\n<li><a href=\"https:\/\/shreshtait.com\">Shreshta Protective DNS<\/a> blocks phishing, malware and other malicious communication in real-time. For enterprises, please email info@shreshtait.com for a free 30-day trial.\u00a0<\/li>\n<\/ol>\n<h2>Conclusion<\/h2>\n<p>With the growing cyber threat landscape, it&#8217;s important to stay vigilant and not fall prey to phishing scams.\u00a0 Threat actors continue to operate phishing campaigns at scale\u00a0 \u00a0<\/p>\n<p><i>\u00a0<\/i><\/p>\n<p>\u00a0<\/p>\n<h2>Free 30-day trial of our threat intelligence<\/h2>\n<p>Threat actors constantly optimise and evolve their attacks to steal credentials and data and infiltrate networks. Our threat intelligence feeds are highly actionable and curated to protect against phishing, malware, C2 and newly registered domain names.\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>Interested? Please send us an email to <a href=\"mailto:info@shreshtait.com\">info@shreshtait.com<\/a> for a free 30-day trial.\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n\n\n\n\n<\/p>\n<p>\n\n\n<\/p>","protected":false},"excerpt":{"rendered":"<p>Phishing campaign targeting State Bank of India users<\/p>\n","protected":false},"author":1,"featured_media":4515,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[43,42],"tags":[88,90,89],"class_list":["post-4406","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dns","category-threat-intelligence","tag-bfsi","tag-sbi","tag-state-bank-of-india"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.0 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>DNS Security &amp; Threat Intelligence Blog | Shreshta<\/title>\n<meta name=\"description\" content=\"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Phishing Campaign targeting State Bank of India users\" \/>\n<meta property=\"og:description\" content=\"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/\" \/>\n<meta property=\"og:site_name\" content=\"DNS Security &amp; Threat Intelligence Blog | Shreshta\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-01T07:37:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-14T12:57:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Swapneel Patnekar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@shreshtait\" \/>\n<meta name=\"twitter:site\" content=\"@shreshtait\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Swapneel Patnekar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/\"},\"author\":{\"name\":\"Swapneel Patnekar\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#\\\/schema\\\/person\\\/9193d733c00e1d16e59261d57c852484\"},\"headline\":\"Phishing Campaign targeting State Bank of India users\",\"datePublished\":\"2023-12-01T07:37:22+00:00\",\"dateModified\":\"2024-02-14T12:57:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/\"},\"wordCount\":691,\"publisher\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png\",\"keywords\":[\"BFSI\",\"SBI\",\"State Bank of India\"],\"articleSection\":[\"DNS\",\"Threat Intelligence\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/\",\"name\":\"\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png\",\"datePublished\":\"2023-12-01T07:37:22+00:00\",\"dateModified\":\"2024-02-14T12:57:18+00:00\",\"description\":\"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#primaryimage\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png\",\"contentUrl\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png\",\"width\":1024,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/2023\\\/12\\\/phishing-campaign-targeting-state-bank-of-india-users\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Phishing Campaign targeting State Bank of India users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/\",\"name\":\"DNS Security &amp; Threat Intelligence Blog | Shreshta\",\"description\":\"DNS Security &amp; Threat Intelligence\",\"publisher\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#organization\",\"name\":\"Shreshta IT Technologies Pvt. Ltd.\",\"alternateName\":\"Shreshta\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Shreshta.svg\",\"contentUrl\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Shreshta.svg\",\"width\":330,\"height\":76,\"caption\":\"Shreshta IT Technologies Pvt. Ltd.\"},\"image\":{\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/shreshtait\",\"https:\\\/\\\/infosec.exchange\\\/@shreshta\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/shreshta\\\/\"],\"description\":\"DNS security and threat intelligence company providing real-time threat protection for organizations worldwide. Our solutions include DNS Shield (Protective DNS), DNS Watchtower (Passive DNS), and comprehensive threat intelligence feeds. Trusted by enterprises to detect, prevent, and investigate cyber threats at the DNS layer.\",\"email\":\"sales@shreshtait.com\",\"legalName\":\"Shreshta IT Technologies Pvt. Ltd.\",\"foundingDate\":\"2014-01-22\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"11\",\"maxValue\":\"50\"},\"publishingPrinciples\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/blog\\\/\"},[{\"@type\":[\"Person\"],\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#\\\/schema\\\/person\\\/9193d733c00e1d16e59261d57c852484\",\"name\":\"Swapneel Patnekar\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g\",\"inLanguage\":\"en_US\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g\",\"caption\":\"Swapneel Patnekar\"}},{\"@type\":[\"Person\"],\"@id\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/#\\\/schema\\\/person\\\/9193d733c00e1d16e59261d57c852484\",\"name\":\"Pranay Patil\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g\",\"inLanguage\":\"en_US\",\"url\":\"https:\\\/\\\/shreshtait.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/Screenshot-2023-01-27-at-11.09.13-PM.png\",\"caption\":\"Pranay Patil\"}}]]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"DNS Security &amp; Threat Intelligence Blog | Shreshta","description":"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/","og_locale":"en_US","og_type":"article","og_title":"Phishing Campaign targeting State Bank of India users","og_description":"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.","og_url":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/","og_site_name":"DNS Security &amp; Threat Intelligence Blog | Shreshta","article_published_time":"2023-12-01T07:37:22+00:00","article_modified_time":"2024-02-14T12:57:18+00:00","og_image":[{"url":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png","width":1024,"height":1024,"type":"image\/png"}],"author":"Swapneel Patnekar","twitter_card":"summary_large_image","twitter_creator":"@shreshtait","twitter_site":"@shreshtait","twitter_misc":{"Written by":"Swapneel Patnekar","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#article","isPartOf":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/"},"author":{"name":"Swapneel Patnekar","@id":"https:\/\/shreshtait.com\/blog\/#\/schema\/person\/9193d733c00e1d16e59261d57c852484"},"headline":"Phishing Campaign targeting State Bank of India users","datePublished":"2023-12-01T07:37:22+00:00","dateModified":"2024-02-14T12:57:18+00:00","mainEntityOfPage":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/"},"wordCount":691,"publisher":{"@id":"https:\/\/shreshtait.com\/blog\/#organization"},"image":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#primaryimage"},"thumbnailUrl":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png","keywords":["BFSI","SBI","State Bank of India"],"articleSection":["DNS","Threat Intelligence"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/","url":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/","name":"","isPartOf":{"@id":"https:\/\/shreshtait.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#primaryimage"},"image":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#primaryimage"},"thumbnailUrl":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png","datePublished":"2023-12-01T07:37:22+00:00","dateModified":"2024-02-14T12:57:18+00:00","description":"Shreshta Threat Intelligence has uncovered a massive phishing campaign targeting State Bank of India users.","breadcrumb":{"@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#primaryimage","url":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png","contentUrl":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/12\/DALL\u00b7E-2023-12-01-13.11.40-A-digital-artwork-showing-the-Indian-Rupee-symbol-\u20b9-with-a-blue-Matrix-movie-digital-rain-effect.-The-background-is-dark-to-contrast-the-blue-digi.png","width":1024,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/shreshtait.com\/blog\/2023\/12\/phishing-campaign-targeting-state-bank-of-india-users\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/shreshtait.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Phishing Campaign targeting State Bank of India users"}]},{"@type":"WebSite","@id":"https:\/\/shreshtait.com\/blog\/#website","url":"https:\/\/shreshtait.com\/blog\/","name":"DNS Security &amp; Threat Intelligence Blog | Shreshta","description":"DNS Security &amp; Threat Intelligence","publisher":{"@id":"https:\/\/shreshtait.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/shreshtait.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/shreshtait.com\/blog\/#organization","name":"Shreshta IT Technologies Pvt. Ltd.","alternateName":"Shreshta","url":"https:\/\/shreshtait.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/shreshtait.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/03\/Shreshta.svg","contentUrl":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/03\/Shreshta.svg","width":330,"height":76,"caption":"Shreshta IT Technologies Pvt. Ltd."},"image":{"@id":"https:\/\/shreshtait.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/shreshtait","https:\/\/infosec.exchange\/@shreshta","https:\/\/www.linkedin.com\/company\/shreshta\/"],"description":"DNS security and threat intelligence company providing real-time threat protection for organizations worldwide. Our solutions include DNS Shield (Protective DNS), DNS Watchtower (Passive DNS), and comprehensive threat intelligence feeds. Trusted by enterprises to detect, prevent, and investigate cyber threats at the DNS layer.","email":"sales@shreshtait.com","legalName":"Shreshta IT Technologies Pvt. Ltd.","foundingDate":"2014-01-22","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"11","maxValue":"50"},"publishingPrinciples":"https:\/\/shreshtait.com\/blog\/blog\/"},[{"@type":["Person"],"@id":"https:\/\/shreshtait.com\/blog\/#\/schema\/person\/9193d733c00e1d16e59261d57c852484","name":"Swapneel Patnekar","image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g","inLanguage":"en_US","url":"https:\/\/secure.gravatar.com\/avatar\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g","caption":"Swapneel Patnekar"}},{"@type":["Person"],"@id":"https:\/\/shreshtait.com\/blog\/#\/schema\/person\/9193d733c00e1d16e59261d57c852484","name":"Pranay Patil","image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/b8a02ca124e85d2be9710cbbca4d5e3abdaeac895af98732bc4b2bd953879e78?s=96&d=mm&r=g","inLanguage":"en_US","url":"https:\/\/shreshtait.com\/blog\/wp-content\/uploads\/2023\/01\/Screenshot-2023-01-27-at-11.09.13-PM.png","caption":"Pranay Patil"}}]]}},"_links":{"self":[{"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/posts\/4406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/comments?post=4406"}],"version-history":[{"count":171,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/posts\/4406\/revisions"}],"predecessor-version":[{"id":4650,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/posts\/4406\/revisions\/4650"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/media\/4515"}],"wp:attachment":[{"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/media?parent=4406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/categories?post=4406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/shreshtait.com\/blog\/wp-json\/wp\/v2\/tags?post=4406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}