Phishing is a relatively new phenomenon in India, though United States, South America and Europe have been reeling under its impact for years now. The new scam mail targeting the rather soft Indian customer, who’s naiver in terms of awareness on such activities, goes ahead and tries a contemporary trend in international online fraud. It tells users that a popular bank is updating their online security mechanism, so the user should key-in his banking information in the website that the fake email leads them to!
Security Analysts at MicroWorld Technologies warn that a Phishing mail in the name of one of India’s leading Banks, ICICI, has been found to be spammed to targeted user groups for the last couple of weeks, aiming to steal sensitive financial information.
The mail reads that the ICICI bank is upgrading to a new SSL Server to insulate customers against online Identity Theft and other criminal activities. Users are told to confirm their personal banking information following the link given in the mail. It also warns that if the user does not complete the form, the online bank account will be suspended till further notification. Once the user clicks on the link, he is taken to a bogus website that looks identical to the original one, where he is made to part with his account number, password and PIN number.
Phishing is the cyber form of Identity Theft using fake spam emails and fake websites of reputed financial organizations. You receive an email that seems to be coming from a reputed bank, Credit Card firm, Auction website or any other financial institution. The message tries one of the several tricks to induce you to click on a link provided in the mail and gets you to reveal your personal information. This stolen information is used for sophisticated Online Robbery, Identity Theft and other Internet related crimes.
The Anti-Phishing Working Group, an industry consortium formed to fight this mode of crime, says in its study that the attacks in recent months were double that of what were reported in the same months last year. With e-commerce growing rapidly, Phishing attempts may grow multifold this year, faking more brands and institutions to loot more victims around the globe.
Every single psychological ploy, right from shocking, luring, scaring and threatening directly have been used by scam artists as ways of mass “Social Engineering” to get the potential victims to fall in line. There were mails that posed as regular account verification from the banks, the ones that offered users free tickets and coupons for filling in a survey, the types that told users that their account is compromised by identity thieves and more recently, security warnings, like the ones witnessed in the ICICI bank scam.
“More and more Indians are logging on to online banking and plastic money thanks to a booming economy and the IT revolution,” said Sunil Kripalani, Vice President, Global Sales and Marketing, MicroWorld Technologies. “An increasing number of such attacks should be anticipated in India and elsewhere, who’s economies are on the course of resurgence, as scamsters know that these targets are softer in comparison. Effective spam control, Anti-Phishing and Virus protection are key factors in fighting this menace, going hand in hand with larger campaigns for user awareness and education.”