EconomyCrimeTechHOT4h ago

SriLankan Airlines and Police Warn of Banking Trojan Scam Targeting Passengers

TLDR

SriLankan Airlines & Police warn of banking trojan scam.
Scammers use WhatsApp to push malicious "SriLankan.apk" app.
App from three fake websites grants remote access, steals OTPs.
Fraudsters aim for unauthorized financial transactions.

Both SriLankan Airlines and Sri Lanka Police have issued public warnings about a significant increase in scam activities targeting the airline's customers. Fraudsters are reportedly impersonating airline staff through WhatsApp messages and direct phone calls, directing individuals to install a malicious "SriLankan.apk" mobile application. This app, distributed via three identified fraudulent websites (srilankan.wuozgo.cc, srilankan.vaco.cc, and srilankan.krgo.cc), functions as a banking trojan, granting unauthorized remote access to mobile phones. The scheme aims to expose sensitive financial data such as one-time passwords (OTPs), banking PINs, and credit card information, enabling criminals to conduct fraudulent transactions. SriLankan Airlines has clarified that it does not contact customers via WhatsApp or make unsolicited calls for ticketing or promotional purposes.

Story Update

Update #2\u00b7 Apr 23 · 1:01 PM

Police have provided further details on the financial scam operating under the name of SriLankan Airlines. Fraudsters are contacting individuals via WhatsApp, posing as airline representatives, and instructing them to install a mobile application named ‘SriLankan.apk’ through three fraudulent websites. This application is confirmed to be a malicious banking Trojan that grants remote access to victims' mobile devices, allowing perpetrators to obtain sensitive personal data, including One-Time Passwords (OTPs), to facilitate unauthorized financial transactions.

WhatsApp Post on X

Pulse Check — How do you feel?

Discussion

No comments yet. Be the first to share your thoughts!