Phishing, an attempt to steal banking details, is a serious problem faced by banks worldwide. Commonly, a phishing attempt appears as an e-mail that comes from a known institution like a bank or a popular online shopping website. I recently came across such an email which pretends to be from ICICI bank. The email looks like this:
The email misguides Internet users by saying – “ICICI Bank is constantly striving to provide you with more convenience, control, and security to assist in managing your finances online. As part of our ongoing efforts to operate on ISO requirements, and create an enhanced security portal for your online banking services, we have upgraded the ICICI Bank Electronic-Sign Consent and Online Access. To upgrade your account security status it is mandatory that you kindly update your online banking Information. Do kindly update and unlock your ICICI Bank Online profile by following the steps”.
The mail then creates a sense of urgency by mentioning that the account will be suspended if the user does not undergodo the upgrade process within 72 hours.
The email also contains an HTML file attachment which the attacker aims to execute on the victim’s machine. Upon execution, it looks like an exact replica of the ICICI Internet banking form with fields like user ID, password, debit card no., pin no., mobile no. and more.
“hxxp:// accountauthenticate. com/www.icicibank.com.verification.process.platform.validation.process.
Quick Heal successfully detects this attack and protects its users from such phishing attempts. Please note that banks never ask for confidential data like login and transaction password, One Time Password (OTP), Unique Reference No. (URN) etc. through emails.