India Experiences Phishing March

On a particular day in October 2006, Sukhwinder Singh was checking his bank account online when he found that his deposited sum of Rs. 41,000 wasn't there.

Investigations soon unfolded the case. Singh's funds had been moved to an account of some Harpreet Chohan residing in Delhi. It revealed that Singh had suffered a phishing attack that hacked his account with ICICI Bank. Singh had responded to a spam mail by giving out his username and password.

Later the hackers simply logged into Singh's account and entered their cell phone number replacing his. Thus when they transferred the money, the e-mail alerting Singh about the transfer went to their phones instead of Singh's.

Harpreet Chohan, the alleged hacker disclosed before CNBC-TV18 that he had no idea how the funds went into his account. He said he did not know as to how to operate a computer therefore he couldn't be a phisher.

A phishing attack normally initiates by the victim receiving a harmless e-mail, usually from his bank. It warns that somebody is attempting to hack the recipient's account, so he needs to enter his password as a security measure. When the person clicks on the given link he is taken to a fake website where he actually keys in his personal details such as name and password. On submitting them, he never even realizes when his name & password go to the hacker or the phisher. And within a few minutes after this the funds get transferred from its original account to that of the phisher.

There has been a ten times increase in the number of people making online banking transactions in five years. With this the online bank account frauds have also multiplied. It has been estimated that around $6 billion has been stolen from world user accounts by phishing attacks and this type of fraud is rapidly catching up in India too.

Mukhi adds that the phishing attack has become more dangerous as the Internet doesn't consider geographical boundaries. A person can plant such an attack on any Indian bank from America & the fake web page may appear in Taiwan.

Related article: India Remains an Easy Target for Hackers in '06

» SPAMfighter News - 1/10/2007