A new type of scam hits the thousands of Credit Card Customers of three Indian Banks i.e. ICICI Bank, HDFC Bank and RBL bank. Fake Android apps of ICICI Bank, HDFC Bank and RBL Bank were used by the attackers to get the Credit Card details of customers claiming to increase the credit card limit. The Fake Banking apps of all three banks were found into the official Google Play store.
Customer of these three Indian banks, the malicious apps phish for credit card details and internet banking credentials using bogus web forms. Information like credit card account number, names, expiration dates, and CVV was funnelled through fake application forms which the potential victims had filled up.
Security firm ESET reported that these application forms were supposedly meant to increase the credit card limits of the credit card holders of Banks i.e. ICICI, HDFC and RBL Bank.
The fake apps were uploaded to Google Play in June and July 2018. These apps are now taken down by Google Playstore.
Process of Scam
- Customer were asked to download the Android Playstore Apps of these three banks on behest of enhancing the Credit Card Limit
- There were three simple form, which user needed to fill
- Details of credit card like credit card account number, names, expiration dates, and CVV were asked to fill
- After submission, a new page leads users to the third and final screen, which thanks users for their interest and informs them that a “Customer Service Executive” will be in touch shortly