The Answer is definitely yes !
The
most the most common method for hacking bank accounts is phishing.
Hackers will obtain the mail list of bank account holders from any
vulnerable website by injecting via SQL vulnerability. With the help of
web shells they can upload a Mailer and send mail from any emails even
from google@gmail.com.
On the other hands, they would create phishing website that would look
exactly as the original website. The only thing that differs from the
original website i URL and mostly the fake website will not have a SSL
certificate i.e https.
I will show you an
example. Let's assume that the attacker is planning to obtain the Paypal
information of a victim. Using the mailer hosted on the any web shell,
Attacker couldd spoof anh mail ID and send mail which will look exactly
as official email from PayPal.
This
is an example of spoof email from the attacker. And when you click on
the link came in the email, you will be redirected to a phishing site
where your information can be easily Hijacked by the attacker.
This
is this is an example for Paypal phishing page. As you can see, the URL
is only thing that differs from the original website and that is only
thing which would help you figure out whether is original or not.
Similarly, Bank account can also be hacked just my knowing the mail ID of the victim
Comments
Post a Comment