The KZ-CERT computer emergency response team announces the discovery of new phishing Internet resources that imitate homebank.kz on the Internet.
KZ-CERT service continues to receive requests for suspicious online resources duplicating homebank.kz. So, five Internet resources were analyzed:
according to the results of which the presence of phishing forms was recorded.
The analysis showed that the algorithm of the fraudsters’s actions was preserved and the user, after entering the trusted phone number / Homebank ID / login my Halyk and confirming with a password, is redirected to the form where confirmation is required by means of an SMS code that should be sent to the indicated mobile number.
Recall that in July of this year, the KZ-CERT reported the identification of seven Internet resources that duplicated homebank.kz.
A distinctive feature of all information security incidents is that attackers are hosted on the .com domain name system. All identified Internet resources are not finalized. In the latter case, the Internet resources contained bookmarks: Payments; Translations; homeshop; Check in; Entrance; "I forgot password".
To ensure the safety of Kazakhstan people, the KZ-CERT service carried out measures to alert the countries of near and far abroad related to this information security incident.
I would like to note that today these Internet resources are not available.
We urge Kazakhstan people to pay attention to the domain name (entered in the search bar), and if such a suspicious Internet resource is found, inform our specialists at the toll-free number 1400 (round-the-clock), send applications via the links: http: //www.kz-cert.kz /ru/ form, https://t.me/kzcert, and also send a letter to the email address: firstname.lastname@example.org
"KZ-CERT" Computer emergency response team