Kalkine Media ASX Share Market News & Research
Watchlist Sign Up/Login
https://kalkinemedia.com/resources/assets/public/img/flags/au.png AUS
https://kalkinemedia.com/resources/assets/public/img/flags/nz.png NZ
https://kalkinemedia.com/resources/assets/public/img/flags/uk.png UK
https://kalkinemedia.com/resources/assets/public/img/flags/ca.png CA
https://kalkinemedia.com/resources/assets/public/img/flags/us.png USA
https://kalkinemedia.com/resources/assets/public/img/flags/fr.png FRA
https://kalkinemedia.com/resources/assets/public/img/flags/de.png GER
https://kalkinemedia.com/resources/assets/public/img/flags/es.png ESP
https://kalkinemedia.com/resources/assets/public/img/flags/it.png ITA
https://kalkinemedia.com/resources/assets/public/img/flags/nl.png NLD
https://kalkinemedia.com/resources/assets/public/img/flags/pt.png PRT
https://kalkinemedia.com/resources/assets/public/img/flags/se.png SWE
https://kalkinemedia.com/resources/assets/public/img/flags/gr.png GRC
https://kalkinemedia.com/resources/assets/public/img/flags/in.png IND
https://kalkinemedia.com/resources/assets/public/img/flags/pl.png POL
https://kalkinemedia.com/resources/assets/public/img/flags/br.png BRA
https://kalkinemedia.com/resources/assets/public/img/flags/za.png ZAF
https://kalkinemedia.com/resources/assets/public/img/flags/ru.png RUS
https://kalkinemedia.com/resources/assets/public/img/flags/cn.png CHN
https://kalkinemedia.com/resources/assets/public/img/flags/ae.png UAE
Kalkine Media ASX Share Market News & Research

Alert: Cybercriminals Target Taxpayers and Banking Customers with Phishing Campaign and Malicious Application

March 03, 2023 03:33 AM IST | By NewsVoir
Alert: Cybercriminals Target Taxpayers and Banking Customers with Phishing Campaign and Malicious Application
Image source: NewsVoir

Recent News

thumbnail

OCP Foundation and ISAP Launch Project ACE at College of Agriculture,...

thumbnail

Ant International Empowers Partners to Serve Over 15 Million Customers...

thumbnail

Prodapt Announces Agentic Solutions for Autonomous Operations Powered...

thumbnail

MarketAxess Becomes First Platform to Provide Fully Electronic Workflo...

If you have received any message that contains a link asking users to download an application to avail Income Tax Refund or KYC benefits with the name of Income Tax Department or reputed Banks, Beware!

Phishing pages and Malicious Applications


CyberPeace Foundation and Autobot Infosec Private Limited along with the academic partners under CyberPeace Center of Excellence (CCoE) recently conducted five different studies on phishing campaigns that have been circulating on the internet by using misleading tactics to convince users to install malicious applications on their devices. The first campaign impersonates the Income Tax Department, while the rest of the campaigns impersonate ICICI Bank, State Bank of India, IDFC Bank and Axis bank respectively. The phishing campaigns aim to trick users into divulging their personal and financial information.


After a detailed study, the research team found that

  • All campaigns appear to be an offer from reputed entities, however hosted on third-party domains instead of the official website of the Income Tax Department or the respective Banks, raising suspicion.

  • The applications ask several access permissions of the device. Moreover some of them seek users to provide full control of the device. Allowing such access permission could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications.

  • Cybercriminals created malicious applications using icons that closely resemble those of legitimate entities with the intention of enticing users into downloading the malicious applications.

  • The applications collect users personal and banking information. Getting into this type of trap could lead users to face significant financial losses.

  • While investigating the impersonated Income Tax Department's application, the Research team identified the application sends http traffic to a remote server which acts as a Command and Control (CnC/C2) for the application.

  • Customers who desire to avail benefits or refunds from respective banks, download relevant apps, believing that the chosen app will assist them. However, they are not always aware that the app may be fraudulent.


"The Research highlights the importance of being vigilant while browsing the internet and not falling prey to such phishing attacks. It is crucial to be cautious when clicking on links or downloading attachments from unknown sources, as they may contain malware that can harm the device or compromise the data," spokesperson, CyberPeace added.


In addition to this in an earlier report released in last month, the same research team had drawn attention to the WhatsApp messages masquerading as an offer from Tanishq Jewellers with links luring unsuspecting users with the promise of free valentine's day presents making the rounds on the app.


CyberPeace Advisory

  • The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.

  • Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.

  • Even if you download the application from an authorised source, check the apps permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, its best to avoid it.

  • Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.

  • Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.

  • Do not share confidential details like credentials, banking information with such types of Phishing scams.

  • Never share or forward fake messages containing links on any social platform without proper verification.

Disclaimer

The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations and video (Content) is a service of Kalkine Media Limited, Company No. 12643132 (“Kalkine Media, we or us”) and is available for personal and non-commercial use only. Kalkine Media is an appointed representative of Kalkine Limited, who is authorized and regulated by the FCA (FRN: 579414). The non-personalized advice given by Kalkine Media through its Content does not in any way endorse or recommend individuals, investment products or services suitable for your personal financial situation. You should discuss your portfolios and the risk tolerance level appropriate for your personal financial situation, with a qualified financial planner and/or adviser. No liability is accepted by Kalkine Media or Kalkine Limited and/or any of its employees/officers, for any investment loss, or any other loss or detriment experienced by you for any investment decision, whether consequent to, or in any way related to this Content, the provision of which is a regulated activity. Kalkine Media does not intend to exclude any liability which is not permitted to be excluded under applicable law or regulation. Some of the Content on this website may be sponsored/non-sponsored, as applicable. However, on the date of publication of any such Content, none of the employees and/or associates of Kalkine Media hold positions in any of the stocks covered by Kalkine Media through its Content. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media.
The content published on Kalkine Media also includes feeds sourced from third-party providers. Kalkine does not assert any ownership rights over the content provided by these third-party sources. The inclusion of such feeds on the Website is for informational purposes only. Kalkine does not guarantee the accuracy, completeness, or reliability of the content obtained from third-party feeds. Furthermore, Kalkine Media shall not be held liable for any errors, omissions, or inaccuracies in the content obtained from third-party feeds, nor for any damages or losses arising from the use of such content. Some of the images/music/video that may be used in the Content are copyright to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures displayed/music or video used in the Content unless stated otherwise. The images/music/video that may be used in the Content are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source wherever it was indicated or was found to be necessary.
This disclaimer is subject to change without notice. Users are advised to review this disclaimer periodically for any updates or modifications.

Sponsored Articles

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.