Phishing Websites of Top Indian Financial Institutions Deceiving Customers

Security company Symantec has disclosed in its latest study that cyber crooks are attacking online customers by launching phishing sites in the name of reputed banks and financial institutions of India.

The number of phishing sites on Indian government bank brands surged by 35% in March 2010 from February 2010. RBI (The Reserve Bank of India) was one of the crucial targets along with the others.

Thus, from the example of RBI, Symantec informed that although the phishing site of RBI carried the RBI logo, the web page is totally different from the authentic RBI website. The fake web page is designed by using a single template, enabling hackers to spoof several brands just by replacing the logo and some keywords. phishing sites that spoof other brands by making use of this design template are hosted on the same IP with distinct domain names.

Further, Symantec stated that phishing mail carries an URL link. After clicking the link, the attacked user will reach a site showing the name of a govt. department or a bank. The mail asks the user to reveal their private details like bank account number and login password.

Fascinatingly, most of the phishing sites designed during March 2010 have URL extension .in, reportedly showing that they are Indian sites. But after examination, it was disclosed that the servers of these sites are situated in the US.

A Senior IT professional working with an Internet firm stated that the details revealed by the users are used to evacuate their bank accounts. Their private data might be used by fraudsters to make bogus ids, fake registrations and for other unauthentic purposes, as per the news published by dnaindia.com on May 12, 2010.

Therefore, to avoid being scammed, web users are suggested to follow some essential tips like suspicious links should not be clicked, URL of the site should be checked to ensure that it belongs to the brand. Further, users should directly type the domain name of the brand's site into the browser's address bar instead of following any link. And lastly, users are advised to regularly update their Internet security software, which protects them from phishing scams.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 5/20/2010