FINANCIAL CHRONICLE – Several banks in Sri Lanka have begun notifying their customers about ongoing hacking attempts aimed at redirecting users to fraudulent websites designed to steal personal information and deplete their accounts. These deceptive sites often feature domain names that closely mimic those of legitimate banks.
Hatton National Bank (HNB) has issued a warning, urging customers to stay vigilant against fake websites that may try to replicate its official domain. “Ensure that you access HNB services by directly typing www.hnb.lk into your browser or by using authorized HNB applications,” the bank advised. They also encouraged immediate reporting of any unusual account activity.
Standard Chartered Sri Lanka similarly alerted clients via text messages, cautioning them about counterfeit websites posing as sc.com/lk. “Avoid clicking on dubious links or disclosing your banking information. Always access our services through the official website or the SC Mobile app,” the message stated.
Cybercriminals often create imitation websites and send emails prompting users to take urgent actions, such as resetting passwords. When customers enter their credentials on these fake sites, the hackers relay that information to the actual bank’s website. Following this, the customers receive a one-time password (OTP) from their genuine bank, which they unwittingly input into the fraudulent site. The hackers then capture this OTP to gain access to the real account, allowing them to transfer funds to other accounts or withdraw money without changing passwords.
PanAsia Bank advised its customers to “STAY ALERT!” and to verify the website address before entering any login details. They emphasized using PABC Online Banking exclusively through the secure link https://online.pabcbank.com and warned against clicking on misleading links that may contain slight variations. Customers were also reminded to never share their OTP and to refrain from installing any suspicious applications. For assistance, they provided a contact number: +94114667222.
DFCC Bank echoed similar sentiments, warning customers to “BEWARE OF FAKE WEBSITES.” They noted that scam sites frequently utilize misspelled or similar-looking web addresses. “Always verify before entering any personal information,” they advised.
