— Buffercode (@buffercoding) February 25, 2016
Official @ reply to tweet :
@buffercoding Hi, ICICI Bank has a robust & multi-level security system for all its banking channels including our internet banking to safeguard our customers from fraudulent attacks including phishing. The phishing page which was hosted on the third party website does not exist & hence, it does not pose any threat to our customers. In addition, we hav a proactive monitoring process to detect such phishing page/site, which are immediately brought down. In order to expand d vigilance, we even request our customers to bring to our notice as & when they come across any such phishing site. ICICI Bank never asks personal, account or financial information from our customers via e-mail or by directing them to a link online. On an ongoing basis the Bank advises its customers to not reveal their details to anyone. Readers and customers are requested to forward such e-mails to email@example.com along with your contact details.
Phishing malware : Comodo Threat Research Labs, a provider of computer software and SSL digital certificates, based in Clifton, N.J., has discovered a malware attack targeting ICICI Bank, a multinational bank based in Mumbai, Maharashtra, India. The bank has more than 4,000 branches and 13,000 ATMs in India.
Fake email was sent as official bank notice for user to update banking detail and it is mandatory.The sender is firstname.lastname@example.org which seems to be real but the domain name is not at all connected to the bank.Fraud page of bank’s website encourages customers to address emails claming to be from bank regarding sensitive data like as account number,pin number or password by forwarding email to email@example.com.
Exploration of personal data by Email
In the email itself,the attacker demand the victim to click on a compulsory hyperlink to fill in personal and professional data.When the victim click the link,they reach the page where they asked to fill personal or corporate data.On selecting any of the option victim reach the new landing page where victim asked to confirm personal data such as account number,password,user ID,transaction ID,debit card number,email password.According to the COMODO people should make sure about the URL of the site asking for personal information.The team of comodo identified ICICI phishing by the domain,URLanalysis,IP and image analysis.
“According to the Fatih Orhan director of technology for comodo and the comodo Threat Research labs-Through our specific IP and URL analysis – as well as the Comodo Threat Research Labs’ continuous monitoring and scanning of data from the users of Comodo’s security systems, our team was able to identify this specific phishing email scam and alert the public to it,”. “As a company, we work diligently to create innovative technology solutions that stay a step ahead of the cybercriminals and keep enterprises and IT environments safe.”
Bending of Phishing Scams
ICICI noted on its website that person receiving email should never give the information by email.Customer should take advice from the bank or to call customer care or visit customer service in case of unofficial ICICI bank website.
Have something to add in Phishing malware crashes ICICI bank?? Please share in comments.
Follow us on Facebook, Google Plus and Twitter.