The Sri Lanka Computer Emergency Response Team Coordination Centre, the centre for cyber security in the island, said they have got about 10 complaints so far about stolen passwords.
"Even today we got complaints," senior cyber security engineer Rohana Palliyaguru told Vimasuma.
com, our sister news website.
"About five fake websites have been created using the names of one state bank and two private banks.
"
The method of the cyber thieves is to send emails with links to the fake bank websites asking customers to update their details like user names and passwords.
"These fake websites are registered in the United States and we have warned the authorities in the USA but it takes take time for them to act," Palliyaguru said.
"We can't stop the creation of such false web sites.
We can only warn internet users not to enter such suspicious sites.
No bank will ever send emails with web links asking customers to update their details."
The Sri Lanka CERT|CC said in a notice on their