• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

FW: ICICI Bank Duplicate site - be careful - really!!!

 
Ranch Hand
Posts: 3852
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


Hi All,



An important piece of information.



Sur prising both the sites have secured SSL from Verisign !!!

beware !!



This is one of the worst phishing scam ever seen.
Here are the both the URLs, they are same, except there is a space (%20) at the end of the phishing URL.

The wrong one
https://infinity.icicibank.co.in/BANKAWAY?Action.RetUser.Init.001=Y&AppSignonBankId=ICI&AppType=corporate&abrdPrf=N%20

Actual ICICI Site
https://infinity.icicibank.co.in/BANKAWAY?Action.RetUser.Init.001=Y&AppSignonBankId=ICI&AppType=corporate&abrdPrf=N
Please forward this mail to all friends.



Received as a forward.

I think both URL are reliable. Open wrong (fraud) one then click on personal, it opens up the same reliable URL (actual URL).
 
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I seem to be a bit slow in understanding. All URLs are part of the ICICI bank domain - how is this a phishing attempt?

Since you're saying that both URLs seem to be reliable, why are you posting this here?
[ May 22, 2008: Message edited by: Ulf Dittmer ]
 
Ranch Hand
Posts: 120
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
:roll:
 
Bartender
Posts: 6663
5
MyEclipse IDE Firefox Browser Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am confused as well.

Both redirected me to the icici website. Or is this meaningless ?
 
Ranch Hand
Posts: 1282
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Without agreeing or dis-agreeing with the validity of reported method as valid issue, I had something occur yesterday which causes me to contemplate Opie's report in light of some other LD-50's
 
Ranch Hand
Posts: 628
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Few days back I got a email from HDFC bank..Again this is an phising attack...

Contents of mail as below...
Unauthorized NetBanking Access On Your Account


In the last fews weeks, our Online Banking Security team has observed multiple logons on your Internet Banking Account, from different Blacklisted IP's, therefore been blocked, to prevent further unauthorized access for your safety. we have decided to put an extra verification process to ensure your identity and your Internet Banking Account Security.

Click on for your NetBanking Online Access.

http://www.hdfcbank.com/1/2/securityaccess/precaution/internet-banking/

Security Advisory,
HDFC Online Banking

*Important*
Please update your records on or before 48 hours, a failure to update your records will result in a temporary hold on your funds - it's one more way that HDFC makes your online banking experience better..

� 2007 All Rights Reserved
 
Ranch Hand
Posts: 1609
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anti-phishing or anti-ICICI??
 
Ulf Dittmer
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Rambo Prasad:
Few days back I got a email from HDFC bank..Again this is an phising attack...


Please help me understand how this is a phishing attack. Are you saying that the domain hdfcbank.com is not owned by HDFC Bank? Or that you're not a customer of the bank?
 
Ranch Hand
Posts: 8944
Firefox Browser Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hdfc bank website is perfectly fine. I dont see any phising. The link posted by Mr.Ramboo is not working though,.
 
Pradeep bhatt
Ranch Hand
Posts: 8944
Firefox Browser Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ulf Dittmer:
I seem to be a bit slow in understanding. All URLs are part of the ICICI bank domain - how is this a phishing attempt?

Since you're saying that both URLs seem to be reliable, why are you posting this here?

[ May 22, 2008: Message edited by: Ulf Dittmer ]



No phishing at all.
 
Rambo Prasad
Ranch Hand
Posts: 628
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Please help me understand how this is a phishing attack. Are you saying that the domain hdfcbank.com is not owned by HDFC Bank? Or that you're not a customer of the bank?



I got an email...When I clicked on the link in the email it took me to a fake HDFC bank site with the following url
http://209.40.193.221/~hdfc/www.hdfcbank.com/personal/Welcome%20to%20HDFC%20Bank%20NetBanking.htm

And it prompted me for the Customer Id and and my password..Notice that it is http and not https..Besides the word "Urgent" is usually associated with spam..
But the correct one is https://netbanking.hdfcbank.com/netbanking/

I immediately called up the HDFC customer care and questioned them about the multiple login attempts to my account.They said me that it is a phishing attack and lot of people got duped this way...
[ May 23, 2008: Message edited by: Rambo Prasad ]
 
Ulf Dittmer
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


http://209.40.193.221/~hdfc/www.hdfcbank.com/personal/Welcome%20to%20HDFC%20Bank%20NetBanking.htm


That is indeed phishing. But the URL you posted earlier is genuine.
 
Pradeep bhatt
Ranch Hand
Posts: 8944
Firefox Browser Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ulf Dittmer:

That is indeed phishing. But the URL you posted earlier is genuine.



yes. I am confused now.
 
Akhilesh Trivedi
Ranch Hand
Posts: 1609
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The Gods Must Be Crazy
 
Deepak Bala
Bartender
Posts: 6663
5
MyEclipse IDE Firefox Browser Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ulf Dittmer:

That is indeed phishing. But the URL you posted earlier is genuine.



Ah ! Makes more sense now.

Still puzzled about the ICICI though
 
Rambo Prasad
Ranch Hand
Posts: 628
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

That is indeed phishing. But the URL you posted earlier is genuine.



I mean the URL displayed is genuine but the URL to which it is directed to is the fake...
It is something like this
[A HREF="http://209.40.193.221/~hdfc/www.hdfcbank.com/...>http://www.hdfcbank.com/..[/a]
 
pie. tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic