Thursday, 25 July 2019 18:33

In you execute counterfeit internet banking is revealed

The address about a suspicious Internet resource which duplicates the official Internet resource came to service KZ-CERT, masking under the domain name [Profit]

Experts carried out the analysis of a resource by results of which they recorded existence of phishing forms. For authorization holders of cards needed to enter the entrusted phone number, the identifier Homebank, the login my Halyk and the password.

"At authorization by means of the mobile number the user, without noticing that, went to the loading.php page then, as it was conceived by malefactors, had to enter the SMS code received on the mobile number" — explained in KZ-CERT.

The fact of the attack was confirmed in TsARKA. As experts told, malefactors used the Zelos tool which "is on sale in the black market the Turkish hackers". In total followed the phishing link and filled weeding the login and the password 103 persons from whom 15 people understood the fact of carrying out the attack and specified obviously false data in this field. The list of injured clients of National bank is established by experts. Currently the phishing website is inaccessible, and all information on it will be sent to the Ministry of Internal Affairs.

KZ-CERT urges users to pay attention to the domain name (entered in a search box), and in case of detection of this sort of suspicious resources, to tell specialists in free number 1400 (round the clock) or to send the letter to the e-mail address