

Rewterz Threat Advisory – Multiple Sophos Web Appliance Vulnerabilities Exploit in the Wild
April 11, 2023
Rewterz Threat Advisory – CVE-2023-28284 – Microsoft Edge (Chromium-based) Vulnerability
April 11, 2023
Severity
High
Analysis Summary
This advisory concerns recent phishing and vishing (voice phishing) campaigns with implications for the global cybersecurity landscape, and in particular for Pakistan's financial sector.
Anyone using apps, websites, and online services needs to be aware of the risks involved. Recently, threat actors have been reported making fake calls and sending text messages in which they pose as bank representatives. They attempt to steal customer credentials by directing victims to malicious links and applications, typically a link to a website that imitates the bank's secure login page.
Banks never ask for confidential information such as login credentials over the phone, nor do they ask customers to install an application or enter credentials on a third-party website. Stay vigilant and do not disclose banking credentials to anyone, regardless of who they claim to be. If you receive such a call or message, do not click any links or provide banking details; instead, contact the bank's customer service team through a number you already know to be genuine and verify whether the message is legitimate.
The final URL shared with targets is http://sbp-proccess.odoo.com/. Note that the page is hosted as a subdomain of the third-party odoo.com service rather than on a bank-owned domain. At the time of writing, this website has been taken down.

The phone numbers used in this campaign against the bank's customers are +92 331 8937949 and +021111014014. One of them is the bank's official contact number: by spoofing the caller ID of a legitimate bank, the attackers make their calls and messages appear to come from a trusted source. Caller ID alone therefore cannot be relied upon to verify who is calling.
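As an added example (not part of the Rewterz advisory), the following Python script shows how a SOC could match the indicators above against SMS gateway or call-log text. The indicator values are the URL and phone numbers quoted in this advisory; the sample messages, the regular expressions, and the assumption that numbers are Pakistani (a leading trunk 0 is replaced by country code 92 before comparison) are this example's own.

```python
import re
from urllib.parse import urlsplit

# Indicators quoted in the advisory above.
IOC_URL = "http://sbp-proccess.odoo.com/"
IOC_PHONES = ["+92 331 8937949", "+021111014014"]

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
# A run of 9+ digits that may be broken up by spaces or hyphens, optionally with a leading '+'.
PHONE_RE = re.compile(r"\+?\d[\d\s\-]{7,}\d")


def normalize_phone(raw: str) -> str:
    """Reduce a phone number to digits with a country code.

    Assumption (not from the advisory): numbers are Pakistani, so a leading
    trunk '0' is replaced by the country code 92. Without this step,
    '0331 8937949' and '+92 331 8937949' would never compare equal.
    """
    digits = re.sub(r"\D", "", raw)
    if digits.startswith("0"):
        return "92" + digits[1:]
    return digits


def ioc_host(url: str) -> str:
    """Hostname of a URL, lower-cased, with trailing sentence punctuation removed."""
    return (urlsplit(url.rstrip(".,;:)")).hostname or "").lower()


IOC_HOSTS = {ioc_host(IOC_URL)}
IOC_PHONE_SET = {normalize_phone(p) for p in IOC_PHONES}


def scan_message(text: str) -> list:
    """Return the indicators found in one SMS/call-log entry as (kind, value) tuples.

    URLs are matched on hostname only, because phishing kits rotate the path
    far more often than the domain. Phone numbers are compared after
    normalization so that formatting differences cannot hide a match.
    """
    hits = []
    for url in URL_RE.findall(text):
        host = ioc_host(url)
        if host in IOC_HOSTS:
            hits.append(("url", host))
    for candidate in PHONE_RE.findall(text):
        number = normalize_phone(candidate)
        # Ignore short digit runs such as OTP codes or amounts.
        if len(number) >= 10 and number in IOC_PHONE_SET:
            hits.append(("phone", number))
    return hits


def scan_messages(messages) -> list:
    """Scan a batch of messages; one hit list per message, in input order."""
    return [scan_message(m) for m in messages]


# Constructed sample messages for this example (not real captures).
SAMPLE_MESSAGES = [
    "SBP Alert: your account is blocked. Verify at http://SBP-Proccess.odoo.com/login.",
    "Dear customer, call 0331-8937949 now to restore access.",
    "Your OTP is 482913. Do not share it with anyone.",
]

if __name__ == "__main__":
    for msg, hits in zip(SAMPLE_MESSAGES, scan_messages(SAMPLE_MESSAGES)):
        print("FLAGGED" if hits else "clean  ", hits, "|", msg)
```

The hostname-only match and the phone normalization are the two details that matter in practice: a mixed-case host with a different path, or the same number written with a local trunk prefix and hyphens, would otherwise slip past a naive string comparison against the advisory's indicators.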
Finally, use strong passwords to protect your accounts and never reuse the same password across multiple services. Enable two-factor authentication wherever it is available and update passwords periodically. These precautions reduce the risk of your data falling into criminals' hands and limit the damage if it does.
Stay safe and keep an eye out for suspicious messages to ensure your safety.
Recommendations
Here are some of the best practices and recommendations to help safeguard your organization against such threats:
- Don’t Share Sensitive Information: Never share your personal information, such as your social security number, bank account information, or passwords, over the phone.
- Verify the Caller: If someone calls you claiming to be from a company or organization, ask for their name and call-back number. Then, verify the authenticity of the call by contacting the company or organization directly using a trusted phone number.
- Be Wary of Unsolicited Calls: Be wary of unsolicited phone calls from unknown numbers. Don’t give out any personal information unless you are certain of the caller’s identity.
- Use Caller ID, with Caution: Use caller ID to screen incoming phone calls. If you don’t recognize the number, let it go to voicemail and verify the authenticity of the call before returning it. Bear in mind that caller ID can be spoofed, as in this campaign, so a familiar number is not proof that the caller is genuine.
- Hang Up: If you suspect that a phone call is fake, hang up immediately. Scammers may use high-pressure tactics to try to keep you on the phone and convince you to share sensitive information.
- Report Suspicious Calls: If you receive a suspicious phone call, report it to the appropriate authorities. This can help to prevent others from falling victim to the same scam.
- Educate Yourself: Learn more about the latest phone scams and educate yourself on how to protect against them. There are many online resources available that can help you stay informed and protect yourself from phone-based fraud.
- Don’t Click on Links: Do not click on links or download attachments from suspicious emails or messages. Hover over (or, on a phone, long-press) the link to reveal the actual URL and verify that it belongs to the bank’s own domain.
- Be Wary of Urgent Requests: Be wary of urgent requests for personal information or payments. Scammers often use urgency to pressure their victims into making impulsive decisions.
- Keep Your Software Up-to-Date: Keep your software and operating system up-to-date to ensure that you have the latest security patches and updates.
- Use Anti-Virus and Anti-Malware Software: Install and use reputable anti-virus and anti-malware software to protect your devices from malicious software.
- Incident Response Plan: Organizations should have an incident response plan in place to quickly respond to phishing attacks and fake phone calls. The plan should include procedures for identifying and mitigating the attack, as well as steps for reporting the incident to law enforcement and regulatory authorities.
- Regular Security Awareness Training: Regular security awareness training for employees and customers can help prevent successful phishing and fake phone call attacks. This can include email reminders, posters, and other materials that educate users on the latest phishing and social engineering tactics.
It is important to remember that banks will never ask for your personal or banking details over the phone or via email. If you receive any suspicious calls or messages claiming to be from your bank, do not share any sensitive information and contact your bank immediately to report the incident.
Impact
- Credential Theft
- Security Bypass
- Sensitive Information Theft