Old 22nd July 2010, 10:49   #1
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,590
Thanked: 3,483 Times
ICICI Bank Phishing Alert !!!! - New Technique

Received this mail today in my Inbox,

Note From Support - Do Not Click on any of the links in the quoted text below as it contains the Phishing urls. Thanks

Quote:
Dear Customer,

There have been many instances whereby people have complained of being duped of their hard earned money owing to phishing. Miss Sheela Kumar was one among them.

It so happened that one fine morning Miss Kumar was checking her mails over a cup of hot coffee. She received an email which read-



Two days later, she was shocked to find that her bank account had been wiped clean through a funds transfer.

To keep your account safe from fraud we hope you can verify your account right now

Please Click Here For Verification Your Account (infinity.icicibank.co.in.duniamail.com/onlineverification/update_account.html?Action.RetUser.Init.001=Y&AppS ignonBankId=ICI&AppType=corporate&abrdPrf=N)

Once you have verification your account records your ICICI Online account service will not be interrupted and will continue as normal.

Here's how you can protect your account from phishing:



* Never enter your personal details on any website via links in e-mail. Always access the website by typing ICICI Bank | Personal Banking | NRI Banking | Corporate Banking | Business Banking | Agri & Rural Banking at the address bar.


* If you receive an e-mail claiming to be from ICICI Bank, asking you to update confidential account-related information like PIN, password, account number, do not respond to it.



Remember: ICICI Bank will never ask for such confidential information in any of our communication.

If you suspect a mail to be a phishing attempt, please forward it to executivedirector@icicibank.com and help us nab fraudsters.

Sincerely,
ICICI Bank
Ironically, this mail is against phishing mails which ask for personal details, but when you click on the link, it asks you for User ID, Password, ATM number, and even ATM Pin code !

Last edited by Rehaan : 28th February 2012 at 19:48. Reason: Making phishing url unclickable, thanks
DCEite is offline   (1) Thanks
Old 22nd July 2010, 10:52   #2
BHPian
 
prateekm's Avatar
 
Join Date: Nov 2009
Location: Mumbai & BLR
Posts: 789
Thanked: 555 Times

It is hosted on a subdomain of duniamail.com. But when people see icicibank written somewhere, they feel it is valid and get phished. Thanks for reporting here.
prateekm is offline  
Old 22nd July 2010, 10:55   #3
BHPian
 
MalluDude's Avatar
 
Join Date: Aug 2005
Location: Kochi
Posts: 398
Thanked: 78 Times

WOW...now that's a good one. The site resembles the real one to a great extent, only that
(1) There's a .duniamail in the URL, which obviously shouldn't be there.
(2) ICICI bank login screen always has https in its URL and not http.
(3) Being a trusted site, the real one will have the lock symbol in the lower part of the browser.
MalluDude is offline  
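
The URL checks described in the two posts above (which domain actually hosts the page, and whether it is served over https), written out as an added example that is not part of the original thread. The trusted-domain set, the brand token and the small suffix table are assumptions made for illustration; real code should use the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the bank's real registrable domains and brand token.
TRUSTED_DOMAINS = {"icicibank.com", "icicibank.co.in"}
BRAND_TOKENS = ("icicibank",)
# Tiny stand-in for the Public Suffix List, enough for the hosts in this thread.
TWO_LABEL_SUFFIXES = {"co.in", "net.in", "org.in"}


def registrable_domain(host):
    """Return the domain someone actually registered, e.g. duniamail.com."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_link(url):
    """Return findings for a link found in an email; an empty list means it passed."""
    if "://" not in url:
        url = "http://" + url  # bare host in the mail body: treat as plain http
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reg = registrable_domain(host)
    findings = []
    if reg not in TRUSTED_DOMAINS:
        findings.append("untrusted-domain:" + reg)
        # Labels to the left of the registrable domain are chosen freely by its
        # owner, so a brand name there proves nothing about who runs the site.
        subdomain = host[: len(host) - len(reg)]
        if any(tok in subdomain for tok in BRAND_TOKENS):
            findings.append("brand-in-subdomain")
    if parts.scheme != "https":
        findings.append("not-https")
    return findings


# Constructed inputs: the host and path quoted in the first post, and a
# hypothetical genuine login URL on an assumed trusted domain.
PHISH = "infinity.icicibank.co.in.duniamail.com/onlineverification/update_account.html"
GENUINE = "https://infinity.icicibank.co.in/"

if __name__ == "__main__":
    print(check_link(PHISH))
    print(check_link(GENUINE))
```

The domain check is the decisive one: https on its own only shows the connection is encrypted, not who operates the site.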
Old 22nd July 2010, 11:11   #4
BHPian
 
Newpunter's Avatar
 
Join Date: May 2010
Location: Bangalore
Posts: 749
Thanked: 337 Times

I got this mail too today. Even the URL seemed genuine, but something wasn't right coz they were asking for all the details and it was not an https domain but plain http. Then I found the duniamail part in the URL. Seems like the phishers are getting very clever. This kind of attack can fool a lot of people, coz the mail seemed very genuine and the site also looked a lot like the ICICI site.
Newpunter is offline  
Old 22nd July 2010, 11:15   #5
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,590
Thanked: 3,483 Times

How did they manage to have the From address as epromotions@icicibank.com ?
DCEite is offline  
Old 22nd July 2010, 11:27   #6
BHPian
 
RemingtonSteele's Avatar
 
Join Date: Jun 2010
Location: Pune
Posts: 596
Thanked: 263 Times

Quote:
Originally Posted by DCEite View Post
How did they manage to have the From address as epromotions@icicibank.com ?
There are many open mail relay servers on the internet. Using those you can assume any sender address; anyway, they are not expecting you to reply to that email but anticipate you will click on the link they sent, so their motive is achieved.
RemingtonSteele is offline  
Old 22nd July 2010, 11:29   #7
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,590
Thanked: 3,483 Times

Victory !!

I forwarded this mail to antiphishing@icicibank.com, and within minutes, the Site is now reported "Web Forgery" by the browser.

Last edited by DCEite : 22nd July 2010 at 11:30.
DCEite is offline  
Old 22nd July 2010, 11:37   #8
BHPian
 
prateekm's Avatar
 
Join Date: Nov 2009
Location: Mumbai & BLR
Posts: 789
Thanked: 555 Times

Quote:
How did they manage to have the From address as epromotions@icicibank.com
There are various fake mailers available on the internet.
prateekm is offline  
Old 22nd July 2010, 14:08   #9
BANNED
 
Join Date: May 2008
Location: Mumbai
Posts: 1,704
Thanked: 852 Times

You can send it off your own computer if you take the trouble of setting up an SMTP server
pranavt is offline  
Old 22nd July 2010, 14:15   #10
Team-BHP Support
 
bblost's Avatar
 
Join Date: Jul 2007
Location: Hyderabad
Posts: 11,295
Thanked: 17,995 Times

I don't understand how they can do a funds transfer using icici infinity portal without the Grid Card
bblost is offline  
Old 22nd July 2010, 14:22   #11
BHPian
 
Join Date: Nov 2008
Location: bangalore
Posts: 71
Thanked: 20 Times

hey using free comodo firewall with anti virus, Microsoft Security Essentials free and Avast free, avast keeps catching the issues, and comodo highlights it.

worried man, but the poor average indian will not even take basic care.

Please strengthen your security guys
Johnn is offline  
Old 22nd July 2010, 14:26   #12
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,590
Thanked: 3,483 Times

Quote:
Originally Posted by bblost View Post
I don't understand how they can do a funds transfer using icici infinity portal without the Grid Card
The phishing site asks for ATM card number, pin number along with transaction password, user id, login pwd.
DCEite is offline  
Old 22nd July 2010, 14:34   #13
BHPian
 
leadf00t's Avatar
 
Join Date: Oct 2007
Location: MH04
Posts: 439
Thanked: 15 Times

Quote:
Originally Posted by DCEite View Post
The phishing site asks for ATM card number, pin number along with transaction password, user id, login pwd.
Still, for doing any netbanking transaction using ICICI's own site or vendor provided netbanking option like (billdesk) the numbers on grid are always asked.

I don't think there is any way of bypassing that.
leadf00t is offline  
Old 22nd July 2010, 14:44   #14
Senior - BHPian
 
DCEite's Avatar
 
Join Date: Sep 2004
Location: NCR
Posts: 3,590
Thanked: 3,483 Times

Quote:
Originally Posted by leadf00t View Post
Still, for doing any netbanking transaction using ICICI's own site or vendor provided netbanking option like (billdesk) the numbers on grid are always asked.

I don't think there is any way of bypassing that.
For me it always asks some specific digits of the Debit card number and transaction password, for the past 4 years. It did use to give me an option to opt for grid card, but I never ordered it.
DCEite is offline  
Old 22nd July 2010, 15:09   #15
Senior - BHPian
 
mjothi's Avatar
 
Join Date: Dec 2007
Location: Bangalore
Posts: 3,290
Thanked: 233 Times

Quote:
Originally Posted by leadf00t View Post
Still, for doing any netbanking transaction using ICICI's own site or vendor provided netbanking option like (billdesk) the numbers on grid are always asked.

I don't think there is any way of bypassing that.
For me it does not ask when you pay any bills inside the icici bank account site.

The grid is asked only when it's doing an internet banking and the icici is used as a gateway for payment.
mjothi is offline  
Copyright ©2000 - 2025, Team-BHP.com