“On the landing page, a congratulations message appears with an attractive photo of State Bank of India and asks users to participate in a quick survey to get a free gift of Rs 50 lakh from the State bank of India,” the researchers informed.
At the bottom of the page, a section appears which seems to be a Facebook comment section where many users have commented about how the offer is beneficial.
The Research teams investigated the URLs in a secured sandbox environment where WhatsApp application was not installed.
The researchers recommend that people should avoid opening such messages sent via social platforms.
“The URL manipulation showed that the web server has directory listing enabled and found other links visible which proves that not only the SBI users, IDFC, PNB, IndusInd and Kotak bank users are also targeted by the same type of phishing scam,” the team noted.
In March this year, the same research team had pointed out that several users of the SBI were targeted in a phishing scam where hackers flooded them with suspicious text messages, requesting them to redeem their SBI credit points worth Rs 9,870.