“Fraudsters may use Cyrillic script for phishing attacks, always check URLs carefully before clicking,” the Delhi Police said in a post on X. It also shared two images, one of which explains how a legitimate-looking message can be dangerous.
The letters in Cyrillic script look similar to the ones we are used to seeing in our daily lives. For example, a legitimate website – www.abcbank.com – may be used to create an unsuspicious looking link with Cyrillic script. Not-so-tech-savvy people may overlook such minute details and open these links.
What happens when users open ‘fake’ links
Clicking these fake links directs users to a webpage designed to mimic a real bank website. The page then prompts users to enter personal details like bank account numbers and passwords, which scammers can capture.
This allows criminals to obtain a victim’s critical personal information, putting them in a position to commit fraud. If two-factor authentication is enabled, scammers may impersonate bank representatives to contact the user and seek further important information like OTPs. In other scenarios, they may steal money from a bank account without leaving a trace.
What users should do
If you receive texts from an unknown number or any bank message with a link, closely observe the URLs for any spelling mistakes and special characters. Do not click the link and, if possible, cross-check the website by a quick search on Google.