TN Police issues advisory on SBI reward points scam: Check details

The cybercrime cops said that the fraudsters hacked the access of victims' mobile phones and devices to send fake messages about SBI reward points

The Tamil Nadu Cyber Crime Police has issued an advisory warning the public about a new cyber scam, known as the ‘SBI Reward Points Scam.’ The advisory was issued after the police received 73 complaints related to this scam in the past two months.
 

“In recent incidents, hackers have used compromised WhatsApp accounts to send fake messages about ‘SBI Reward Points’ to various official and personal WhatsApp groups. The hackers may also change the existing group icons and names to ‘State Bank of India’,” a statement issued by the state police said.

 

Modus operandi
 

The fraudsters first compromise the victim’s WhatsApp account by sending phishing links or exploiting vulnerabilities in apps. Once they gain access, they send fake messages to official and personal groups, changing the group icons and names to ‘State Bank of India’ to make them appear legitimate. These messages claim that the victim’s reward points are about to lapse, creating a sense of urgency. The messages contain links that claim to help victims update their bank details and redeem their reward points.

 

 

When the victim clicks on the link, they are prompted to download an APK file, which is disguised as an official application or update related to SBI reward points. By downloading and installing this file, the victim unknowingly installs malware on their device. This malware can steal sensitive information, including banking credentials, passwords, and OTPs.

 

How to stay away from scam

 

Activate Two-Step Verification: The police have advised the public to activate two-step verification protocols on their social media accounts. This requires a PIN in addition to the OTP sent to the phone, adding an extra layer of security.

 

Verify authenticity: The advisory also asks the public to verify the authenticity of any website or app by checking official sources. It is crucial to avoid clicking on suspicious links and never download APK files from unknown sources.

 

Strong passwords: The police have suggested setting and regularly changing strong, unique bank account passwords.

 

Report suspicious activity: If you suspect that you have been a victim of fraudulent activity or have come across any suspicious activity, report the incident by calling the Cyber Crime Toll Free Helpline 1930 or register a complaint at www.cybercrime.gov.in.