Researchers have started monitoring a smishing campaign in which malicious SMS texts are being sent out trying to trick users of certain Indian banks, a new report said on Friday.
According to cybersecurity company Sophos, the smish campaign consists of a text with a link addressed to customers of the most popular Indian banks.
It sends a text falsely claiming that the recipient's bank account will be blocked, and telling the recipient to update their PAN and AADHAR card information on their accounts.
The text also includes a link to an Android Package (APK) file.
According to the researchers, this campaign is targeting customers looking to file returns in tax season and to update their year-end financial results.
Moreover, the report mentioned that the link downloads an APK and after installation, this APK opens fake (but lookalike) bank login pages - abusing not only recipients but the banks' brands.
The APK then tries to acquire the recipient's login, password, debit card number, and ATM pin.
If the recipient enters any personal information, the data gets exfiltrated to a remote server owned by the attackers rather than the bank.
Further, the report explained that the APK also has the ability to read the contents of SMS texts when they are received, possibly to extract any OTP codes issued by the bank.