Hackers Use FBR to Get Users Bank Account Details.

Hackers Use FBR to Get Users Bank Account Details

According to a press release in FBR Website, It has been reported that some hackers are trying to use the fake FBR webpage for get bank account details such as usersname and password for the purpose of stealing money and empty their account.

People receive an email with subject Tax Refund Claim from fake email addresses (Customerservice@fbr.gov.pk). It seems to be sent from FBR but it did not, its Fake.

Refund Claim Fake Email FBR
An example: email message might look like. 

As mention in image above this email informs the people to collect their tax refund by clicking on the provided link to a fake website of FBR which has links to banks. FBR’s official website is http://www.fbr.gov.pk but the click leads to fake web address

http://www.springtowinter.gr/fbr.gov.pk/fbr.gov.refundportal.htm 
or
http://www.zhypublishing.zhylosa.net/orders/editors/fbr.gov.pk/fbr.gov.refundportal.

Where a list of banks provided (with fake pages) to proceed for the tax refund. Once the victim enters his/her bank account details (Account No. & Password) here, This fake website will automatically send their bank account details to hacker and their bank accounts are then hacked.

This is called Phishing and it is a fraudulent act of deceiving users to acquire their sensitive personal information, such as usernames, passwords, social security numbers, and bank account/credit card details, etc. Globally phishing deprives people of around a billion US$ annually.

Advise for General Public
  • Never Share Bank Account Details and password to any email received from any email address that is apparently from FBR. FBR doesn't provide any link to any bank on FBR `s website
  • Immediately report any such email to your bank.
What is Phishing & How to Safe from it ?

Phishing is a fraudulent practice of deceiving users to get their sensitive personal information, such as usernames, passwords, social security numbers, and bank account/credit card details, etc.
Below given point will help you to recognize phishing email, this way you can reduce your chances of being defrauded:

1. Your name is missing:   The email doesn't have your name in it.

2. Spelling and bad grammar: The email contains spelling or grammatical mistakes.

3. Threats: The email contains threats that your security has been compromised, or requests that you take immediate action.

4. Seeking personal information: The email requests your personal information such as, login details, bank account details, credit card details, etc.

Phishing Email Sample FBR

Post a Comment

Blogger Disqus

Dear Readers, we`re enthusiastic to see your comment, We will try to reply to your queries as soon as possible, Please Keep in mind that all comments are moderated manually by our human analysts, according to our comment policy, and all the links are nofollow. Using Keywords as a part of the name field range is prohibited. Let’s enjoy an individual and suggestive discussion.