Cyber-attack of Halyk Bank customers: hackers continue site duplication
from open sources
Appeals keep coming about suspicious Internet resources copying Homebank.kz, Kazpravda.kz reports referring to the KZ-CERT Computer Incident Response Service.
So, five Internet resources were analyzed and the presence of phishing forms was recorded. To date, these Internet resources are not available:
The analysis showed that the algorithm for the actions of fraudsters has not changed and the user, after entering the trusted phone number / Homebank ID / login my Halyk and confirming with a password, is redirected to the form where confirmation is required via the SMS-code, which should come to the specified mobile number.
It will be recalled that in July this year, the KZ-CERT service reported the identification of seven Internet resources that duplicated Homebank.kz.
A distinctive feature of all the incidents is that hackers are hosted on the .com domain name system. All identified Internet resources are not finalized. In the latter case, the Internet resources contained bookmarks: Payments; Translations; Homeshop; Check in; Entrance; "I forgot password".