Numerous Maybank customers might recently have fallen into the trap of phishing emails. The emails were sent with an intention to steal the username and passwords of the customers. The phishing site was modulated in such a way that at every step an email containing the customer's data was transmitted to the attacker via email. The email invited users to click on Maybank phishing websites. Once the customer filled the phishing form and clicked on the submit button, post entering the username and password, the details were immediately sent to the attacker.
In the five-step process, attacker himself logs-in into the banking site, using the stolen credentials, meanwhile the bank sends the Transaction Authorization Code (TAC) to the victim's contact number. The victim provides the TAC to the phishing page, which is received by the attacker via email. With this information the cyber-criminal is able to complete the online verification process and hence gets complete access of the victim's bank account. Now, the attacker is free to carry ill-legal and fraud activities. In this real-time phishing attack, the victim is left clueless while the cybercriminals sufficiently takes away the money.
Cyber frauds can use this information for their criminal activities and can even change the banking credentials to steal the money before the customer notices that he was been defrauded.
Comments
Post a Comment