Friday, August 19, 2022

ਵਾਹਿਗੁਰੂ

spot_img











Hackers target national portal of India via ‘unprecedented’ phishing technique

Bengaluru, July 7, 2022- Cyber-security researchers on Thursday said they have discovered an “unprecedented, sophisticated” phishing technique that has been targeting government websites across the world, including Indian government’s portal https://india.gov.in, extorting the affected users.

The threat actors have been targeting the Indian government’s portal by utilising a bogus URL to trick users into submitting sensitive information such as credit card numbers, expiration months and CVV codes, according to AI-driven cyber-security firm CloudSEK.

Hackers are imitating the browser window of the Indian government website, most often SSO (single sign-on) pages, with a unique login, in a most-advanced phishing technique commonly known as Browser-in-the-Browser (BitB) attack.

BitB attacks imitate legitimate sites in order to steal user credentials as well as other sensitive data, such as personally identifiable information (PII).

The new URL that pops-up as a result of the BitB attack appears legitimate.

“The bad actors have also replicated the original page’s user interface. Once their victims click into the phishing page, a pop-up appears on the phoney window claiming that their systems have been blocked, posing as a notification from the Home Affairs Enforcement and Police,” the researchers claimed.

The users are then notified of their excessive use of pornographic websites, which is illegal under the Indian law, and are requested to pay a fine of Rs 30,000 to unlock their systems.

“They are given a form to fill out in order to pay the fine, which asks them to divulge personal information, including their credit card information. The victims become panicked because the warning has a sense of urgency and appears to be time-bound,” the researchers said.

The information that the victims enter into the form is transferred to the attacker’s server.

Once the attackers get the card information, it might be sold to other buyers in a larger network of cyber criminals, or the victim could be extorted for extra money.

The BitB attack begins when users attempt to connect to a website and click on a malicious link that looks to them as an SSO login pop-up window.

When users visit the supplied link, they are prompted to log in to the website using their SSO credentials. After there, the victims are sent to a bogus website that looks exactly like the SSO page.

The attack usually stimulates single sign-on windows and displays fake websites that cannot be distinguished from the original page.

“Combine SSO with MFA (multi-factor authentication) for secure login across accounts, check for suspicious logins and account takeovers and avoid clicking on email links from unknown sources,” the researchers suggested.  (Agency)

Subscribe to YesPunjab Telegram Channel & receive Important News Updates

- Advertisement -

Yes Punjab - TOP STORIES

Punjab News

Sikh News

Transfers, Postings, Promotions

- Advertisement -spot_img

Stay Connected

31,218FansLike
113,977FollowersFollow

ENTERTAINMENT

National

GLOBAL

OPINION

The importance of rights of the nation – by Seema Singh

As we celebrate 75 years of Independence, it is a high time to introspect and contemplate about the gains and losses we made in...

Gilli-Danda: Comeback of 75 indigenous sports – by Narvijay Yadav

Under the ‘Azadi Ka Amrit Mahotsav’ the central government has stepped up the plan to introduce 75 indigenous sports in all schools. The popular...

Is the world sliding into a Chernobyl-plus nuclear disaster in Ukraine? – by Sergei Strokan

New Delhi, Aug 13, 2022- Tensions around the Zaporozhye nuclear power plant in Ukraine reached a climax by the weekend, after three more missiles...

SPORTS

Health & Fitness

Rise in pregnancy-related complications during Covid pandemic

New York, Aug 13, 2022- Covid-19 has caused unprecedented stressors as a new study showed a rise in pregnancy-related complications during the pandemic. The study, published in the journal JAMA Network Open, assessed how pregnancy-related complications and obstetric outcomes changed during Covid compared to pre-pandemic. Looking at the relative changes in the mode of delivery, rates of premature births and mortality...

Gadgets & Tech

error: Content is protected !!