A fraud threw hackers and bogus eye-catching offers in online banking or even for credit card holders are well known. The debit and credit card fraud cases have been witness rise in recent time. The rise in online banking and digitalization has increased the risk of frauds. Now, a report has surfaced which says the fake banking apps of well-known Indian banks were used to trick customers into handing over account credentials.
According to International Business Times reports, bogus Android apps of popular banks like ICIC Bank, RBL Bank, and HDFC Bank were used by the perpetrators on three separate occasions as a front to collect sensitive data from unsuspecting victims. Information of account holders like credit card account number, names, expiration dates, and CVV was funnelled through fake application forms which the potential victims had filled up.
A security firm named ESET told the leading portal, “The data entered into the bogus forms are sent in plain text to the attacker’s server. The listing of the stolen data on that server is accessible to anyone with the link, without requiring any authentication. For the victims, this amplifies the potential damage, since their sensitive data is not only at the attacker’s disposal, but potentially available to anyone who comes across it.”
According to the security firm, the application forms were supposedly meant to increase the credit card limits of the credit card holders. The biggest threat was that the stolen information was released online in plain text. The three banking apps were available for download on Play Store.
These apps were available for download between the month of June and July. From the three one app was removed. The apps can be easily identified as fake since they offer nothing and only ask about customers’ personal banking details.