Go Back   Team-BHP > Around the Corner > Shifting gears


Reply
 
Thread Tools Search this Thread
Old 22nd July 2010, 10:49   #1
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,015
Thanked: 441 Times
Default ICICI Bank Phishing Alert !!!! - New Technique

Received this mail today in my Inbox,

Note From Support - Do Not Click on any of the links in the quoted text below as it contains the Phishing urls. Thanks

Quote:
Dear Customer,

There have been many instances whereby people have complained of being duped of their hard earned money owing to phishing. Miss Sheela Kumar was one among them.

It so happened that one fine morning Miss Kumar was checking her mails over a cup of hot coffee. She received an email which read-



Two days later, she was shocked to find that her bank account had been wiped clean through a funds transfer.

To keep your account safe from fraud we hope you can verify your account right now

Please Click Here For Verification Your Account (infinity.icicibank.co.in.duniamail.com/onlineverification/update_account.html?Action.RetUser.Init.001=Y&AppS ignonBankId=ICI&AppType=corporate&abrdPrf=N)

Once you have verification your account records your ICICI Online account service will not be interrupted and will continue as normal.

Here's how you can protect your account from phishing:



* Never enter your personal details on any website via links in e-mail. Always access the website by typing ICICI Bank | Personal Banking | NRI Banking | Corporate Banking | Business Banking | Agri & Rural Banking at the address bar.


* If you receive an e-mail claiming to be from ICICI Bank, asking you to update confidential account-related information like PIN, password, account number, do not respond to it.



Remember: ICICI Bank will never ask for such confidential information in any of our communication.

If you suspect a mail to be a phishing attempt, please forward it to executivedirector@icicibank.com and help us nab fraudsters.

Sincerely,
ICICI Bank
Ironically, this mail is against phishing mails which ask for personal details, but when you click on the link, it asks you for User ID, Password, ATM number, and even ATM Pin code !

Last edited by Rehaan : 28th February 2012 at 19:48. Reason: Making phishing url unclickable, thanks
DCEite is offline   Reply With Quote
Old 22nd July 2010, 10:52   #2
BHPian
 
prateekm's Avatar
 
Join Date: Nov 2009
Location: Mumbai & BLR
Posts: 755
Thanked: 307 Times
Default

It is hosted on a subdomain of duniamail.com. But when people see icicibank written somewhere, they feel it is valid and get phished. Thanks for reporting here.
prateekm is offline   Reply With Quote
Old 22nd July 2010, 10:55   #3
BHPian
 
MalluDude's Avatar
 
Join Date: Aug 2005
Location: Cochin
Posts: 380
Thanked: 25 Times
Default

WOW...now that's a good one. The site resembles the real one to a great extent, only that
(1) There's there's a .duniamail in the URL, which obviously shoudn't be there.
(2) ICICI bank login screen always has https in it's URL and not http.
(3) Being a trusted site,the real one will have the lock symbol in the lower part of the browser.
MalluDude is offline   Reply With Quote
Old 22nd July 2010, 11:11   #4
BHPian
 
Newpunter's Avatar
 
Join Date: May 2010
Location: Bangalore
Posts: 640
Thanked: 40 Times
Default

I got this mail too today. Even the URL seemed genuine, but something wasn't right coz they were asking for all the details and it was not a https domain but plain http. Then i found the duniamail part in the URL. Seems like the phishers are getting very clever. This kind of attack can fool a lot of people, coz the mail seemed very genuine and the site also looked a lot like the ICICI site.
Newpunter is offline   Reply With Quote
Old 22nd July 2010, 11:15   #5
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,015
Thanked: 441 Times
Default

How did they manage to have the From address as epromotions@icicibank.com ?
DCEite is offline   Reply With Quote
Old 22nd July 2010, 11:27   #6
BHPian
 
RemingtonSteele's Avatar
 
Join Date: Jun 2010
Location: Pune
Posts: 568
Thanked: 163 Times
Default

Quote:
Originally Posted by DCEite View Post
How did they manage to have the From address as epromotions@icicibank.com ?
There are many open mail relays servers on internet. Using that you can assume any sender address, anyway they are not expecting you to reply that email but anticipate you will click on the link they sent; so their motive is achieved.
RemingtonSteele is offline   Reply With Quote
Old 22nd July 2010, 11:29   #7
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,015
Thanked: 441 Times
Default

Victory !!

I forwarded this mail to antiphishing@icicibank.com, and within minutes, the Site is now reported "Web Forgery" by the browser.

Last edited by DCEite : 22nd July 2010 at 11:30.
DCEite is offline   Reply With Quote
Old 22nd July 2010, 11:37   #8
BHPian
 
prateekm's Avatar
 
Join Date: Nov 2009
Location: Mumbai & BLR
Posts: 755
Thanked: 307 Times
Default

Quote:
How did they manage to have the From address as epromotions@icicibank.com
There are various fake mailers available on the internet.
prateekm is offline   Reply With Quote
Old 22nd July 2010, 14:08   #9
Senior - BHPian
 
pranavt's Avatar
 
Join Date: May 2008
Location: Mumbai
Posts: 1,628
Thanked: 272 Times
Default

You can send it off your own computer if you take the trouble of setting up an SMTP server
pranavt is offline   Reply With Quote
Old 22nd July 2010, 14:15   #10
Team-BHP Support
 
bblost's Avatar
 
Join Date: Jul 2007
Location: Hyderabad
Posts: 9,551
Thanked: 6,306 Times
Default

I don't understand how they can do a funds transfer using icici infinity portal without the Grid Card
bblost is offline   Reply With Quote
Old 22nd July 2010, 14:22   #11
BHPian
 
Join Date: Nov 2008
Location: bangalore
Posts: 61
Thanked: 4 Times
Default

hey using free comodo firewall with anti virus, Microsoft Security Essentials free and Avast free, avast keeps catching the issues, and comodo highlights it.

worried man, but the poor average indian will not even take basic care.

Please strengthen your security guys
Johnn is offline   Reply With Quote
Old 22nd July 2010, 14:26   #12
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,015
Thanked: 441 Times
Default

Quote:
Originally Posted by bblost View Post
I don't understand how they can do a funds transfer using icici infinity portal without the Grid Card
The phishing site asks for ATM car number, pin number along with transaction password, user id, login pwd.
DCEite is offline   Reply With Quote
Old 22nd July 2010, 14:34   #13
BHPian
 
leadf00t's Avatar
 
Join Date: Oct 2007
Location: Boston, MA
Posts: 436
Thanked: 12 Times
Default

Quote:
Originally Posted by DCEite View Post
The phishing site asks for ATM car number, pin number along with transaction password, user id, login pwd.
Still for doing any netbanking transaction using ICICI's ownsite or vendor provided netbanking option like (billdesk) the numbrs on grid are always asked.

I dont think there is any way of bypassing that.
leadf00t is offline   Reply With Quote
Old 22nd July 2010, 14:44   #14
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,015
Thanked: 441 Times
Default

Quote:
Originally Posted by leadf00t View Post
Still for doing any netbanking transaction using ICICI's ownsite or vendor provided netbanking option like (billdesk) the numbrs on grid are always asked.

I dont think there is any way of bypassing that.
For me it always asks some specific digits of the Debit card number and transaction password, for the past 4 years. It did use to give me an option to opt for grid card, but i never ordered it.
DCEite is offline   Reply With Quote
Old 22nd July 2010, 15:09   #15
Senior - BHPian
 
mjothi's Avatar
 
Join Date: Dec 2007
Location: Bangalore
Posts: 3,252
Thanked: 216 Times
Default

Quote:
Originally Posted by leadf00t View Post
Still for doing any netbanking transaction using ICICI's ownsite or vendor provided netbanking option like (billdesk) the numbrs on grid are always asked.

I dont think there is any way of bypassing that.
For me it does not ask when you pay any bills inside the icici bank account site.

The grid is asked only when its doing a internet banking and the icici is used as a gateway for payment.
mjothi is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
ICICI Bank phishing site received today in mail emkay456 Shifting gears 28 5th October 2009 22:10
ICICI Bank Bankruptcy News...Rumour?? (EDIT: Yes it was an absolutely baseless rumor) RuffRyder Shifting gears 49 30th September 2008 19:42
ICICI Bank fined Rs 50 lakh for hiring 'goons' nirmalts Shifting gears 36 11th June 2008 14:02
Does ICICI bank send private agents to collect documents? Jaguar Indian Car Loans & Insurance 10 6th February 2008 15:18


All times are GMT +5.5. The time now is 09:34.

Copyright 2000 - 2017, Team-BHP.com
Proudly powered by E2E Networks