A sophisticated phishing scam has been uncovered, targeting PNB MetLife policyholders in India. The scammers have created fake mobile-optimized websites that mimic the official PNB MetLife premium payment interface, with the goal of stealing sensitive user information and facilitating fraudulent transactions. The fake websites use Telegram bots to exfiltrate user data, including names, policy numbers, and mobile numbers, in real-time. The scammers then use this information to coerce victims into making payments via fraudulent UPI QR codes or deep links to legitimate payment apps, bypassing standard gateway verifications.
The fake payment gateways are designed to bypass traditional security controls, and do not perform any backend validation of the entered policy details. Instead, JavaScript generates a UPI payment URI as a QR code, which the victim completes in a legitimate UPI app. In some cases, users are redirected via deep links to apps like PhonePe or Paytm. The use of UPI QR codes and deep links to these apps indicates that the scam is specifically targeted at Indian users.
The scam has been found to escalate beyond simple payment fraud to full-scale credential harvesting. Advanced variants of the campaign simulate legitimate policy services, offering options like “Update Amount” or “Refund.” Once engaged, users are prompted to provide critical banking and credit card details for “verification.” This information is then captured and exfiltrated directly to attacker-controlled Telegram bots via the Telegram API.
To mitigate these risks, users are advised to verify the authenticity of URLs, avoid clicking links in unsolicited SMS messages, and make premium payments only through the official PNB MetLife application or website. It is essential to be cautious when receiving unsolicited messages or emails, and to never provide sensitive information in response to such messages. By being aware of these tactics and taking necessary precautions, users can protect themselves from falling victim to this scam.
The scam highlights the importance of cybersecurity awareness and the need for users to be vigilant when interacting with online services. As online scams continue to evolve and become more sophisticated, it is crucial for users to stay informed and take steps to protect themselves. By staying up-to-date with the latest cyber trends and being mindful of potential threats, users can reduce their risk of falling victim to online scams like this one.