Written by Pavan Kumar on September 8, 2009
BE YOU AN INDIAN RESIDENT OR WHATEVER, ITS A MUST READ FOR EVERYONE
I had always seen a lot of people discussing about phishing attacks related with Paypal, but never knew such a horrible fact that spammers have turned their focus on Indian local bank customers. It was cleared when I myself got a mail on my mail box.
Punjab National Bank is quite a popular bank in India with its branches in most of the major cities. I don’t have much idea about the bank and also that is not needed here. Recently I found a mail in my spam box (Thank God!) which was almost similar to what I have read of Paypal phishing mails. Here is the screenshot of the mail:
Here is what the mail read:
Your access to Online Banking services has been Limited. This was as a result of a miss-match access code discovered between your Online Access details in our database during our last maintanance this Month.
Hence you are required to Re-activate your Online Banking details to enable our server update your information to match with our latest Online Security upgrade. Please follow the Re-activation Reference below:
Re-Activate Your Online Banking Details
Important Notice:- You are strictly advised to match your information correctly and carefully to avoid service suspension of your account.
We apologize for any inconvenience.
Thank you for using National Bank of Punjab !
© Punjab National Bank. All rights reserved.
Information on protecting yourself from fraud, please review the Security Tips in our Security Center.
The most important point to consider is that the text Re-Activate Your Online Banking Details was linked to their website where they have published an attack site.
Ok, enough now, don’t visit the website. Its a replica of original webpage of PNB Net Banking, let us compare both one below the other.
Indeed, there are very minor changes in them, but not even regular users can easily notice the difference.
Heading over to login page:
No more games can be played with genuine website, but fake one accepts further gaming. I tried with user id kk
Ok, I have fake details for everything. Let me help you withdraw my fake funds.
Enjoy hacker, have a good day.
The real movie does not end here. Its you, the customer who need to be aware of all such scams keep yourself alert. I already have a few important videos to watch and learn about phishing. Check out this and this.
Always remember few important facts:
- Never click on links on such mails even if they appear to have come from your bank and its normal mail id.
- Never enter user id and password for banking sites until you confirm the page is secure (url starts from https:// and hovering on favicon says its verified and status bar shows a lock which indicates the site is authentic).
- Delete the mail. You may also forward it to email@example.com and firstname.lastname@example.org
- Don’t visit the link. If you visit accidentally, don’t forget to report web forgery.
Hope these points help you and you never fall into such scams. Further read these Paypal security tips which are important for everyone who use Paypal.
People who liked this also read: