![Gossip Lanka News [English]](https://blogger.googleusercontent.com/img/a/AVvXsEhYm2aFFq-bIW1nWX-RrqnPFoIsVos6_VCVz8BpLt0QJi55GNXHXC2fugeRvL0qUStEuCfs7Sfu6ZiSlhrkldxfGuE_wzy5gitY6rMZ2KSi8VBbGvkgXLks37RwZV-4-HKbWiNLRxB8C_r1e4z3mpxFTMPDJPEADoG8E-bZteWFipeD5KNGbjvCfqEfKw=s300 "Gossip Lanka News [English]")
Colombo’s banking circles are buzzing this week after several leading banks dropped urgent warnings to their customers: scammers are at it again, spinning up fake banking websites designed to trick even the sharpest of eyes.
According to the notices, fraudsters are circulating links through emails and text messages that look almost identical to real banking portals—just a tiny spelling twist here, a strange character there. Customers who fall for the bait may end up handing over their personal and financial details without even realising it.
The advice is blunt: never click on suspicious links. Type the official bank web address directly into your browser. One amused customer outside a Kollupitiya branch was overheard saying, “Even my ex wasn’t this sneaky with fake Facebook profiles.”
Banks stress that individuals should carefully verify URLs before entering login credentials and report anything suspicious immediately.
This is not just a Sri Lankan problem. Globally, banks are locked in their own cyber-thriller. HSBC, Citi and DBS now demand more than just a password, with many customers required to confirm logins using codes, fingerprints or even facial recognition. JPMorgan Chase spends over 600 million dollars annually on artificial intelligence systems that patrol accounts for unusual activity. In the UK and US, customers can instantly freeze their bank cards from mobile apps, while others receive text alerts for every transaction.
Sri Lankan banks are catching up. Most now offer SMS alerts, daily transfer limits and 24-hour hotlines. The Central Bank too has been pressing for stronger digital security checks, much like Europe’s regulations that make two-factor authentication mandatory. But the scammers are also evolving, with fake “mirror sites” becoming the scam trend of the season.
The takeaway is simple: if the website address looks odd, it probably is. Use your bank’s official app or type the address yourself. And if in doubt, call the bank before you click.
As one banker in Fort put it over lunch, “Better to be paranoid with your clicks than penniless with your balance.”