Press room

KZ-CERT Computer Incident Response Service of JSC State Technical Service (the “Service”) together with JSC Halyk Bank revealed new phishing resources disguised as homebank.kz Internet resource.

A total of eight Internet resources were detected; their pages are visually identical to the official Internet resource, yet have slight differences in the spelling of the Internet address. Intruders offer victims to enter a trusted phone number/identifier or login, password and code from SMS to enter their personal account at homebank.kz. If a user follows the scammers’ lead and complies with all those conditions, this enables intruders to compromise personal data and personal accounts.

Such links to phishing Internet resources are most often spread by scammers through targeted advertising in popular social networks using an enticing headline or a similar name of a well-known brand in order to attract as many victims as possible.

KZ-CERT Service conducted work to notify hosting providers and CERTs near and far abroad, related to the above cyber security incident. As of today, the Internet resource is unavailable.

“Always double check the information that promises you unexpected acquisitions, prize drawings, lottery winnings, compensation, etc. and offers to transfer money for the winnings to your bank account or bank card. Under no circumstances do banks carry out mass mailings of letters with attached files, links and forms to enter websites of Internet banking systems” – JSC Halyk Bank recommends. 

Earlier, the KZ-CERT Service already reported about revealing five Internet resouces, which imitated homebank.kz.

KZ-CERT Service strongly recommends:

• When clicking a link, pay attention to the address line – the domain name. Pay attention to extra characters in the official name of the Internet resource of the organization or company conducting the promotion.
• Pay attention to content of the website: fonts, grammar mistakes, low quality images, outdated design, excessive advertising and various links on the page. If you are redirected to pages unlike the official website, this is a phishing resource.
• Do not enter authorization data at suspicious Internet resources.
• Do not enter your personal data, data of bank cards and keep them safe. Do not disclose your 3-digit CVV/CVC code (on the reverse side of the card). Do not disclose SMS code received from the bank.
• Do not send copies of your documents that contain personal data, ID card data, bank card data, etc.
• Banks never request logins, passwords, SMS codes or other confidential identification and personal data via letters or by any other means.

If you encounter any cyber security incident, please call our specialists at 1400 (toll-free 24/7) or send a request via Telegram chat: https://t.me/kzcert.

JSC State Technical Service 

Tel.: +7-717-255-99-97, 1400 (mobile) 

E-mail: info@kz-cert.kz, incident@kz-cert.kz