Friday, January 13, 2017

HOW THEY TRIED TO STEAL MY NET-BANKING CREDENTIALS

This happened to me today morning. When I opened my gmail, I got an email from "INCOME TAX DEPARTMENT, MINISTRY OF FINANCE, GOVERNMENT OF INDIA", at least that is what the signature of the email claims.
The email stated that I have got a tax refund from my last year tax filing, and there was a link in CAPITAL LETTERS that stated APPLY FOR A REFUND REQUEST.
The button was linked to a website http://firsindia.ga/xxxx
As soon as I saw this, I knew it was a SCAM. On a regular day, I would've just deleted this email and went ahead. But, I wanted to know the motive of the email. For someone who is unaware of, there are two things that made me realize that this is a SCAM link. 1) it is not a 'https' link, and it is a 'http' link.
2) I just visited the website http://firsindia.ga in incognito mode and it was blank.
After opening the link provided in the email, there was a page that asked a list of bank to choose from, into an account in which your refund will be processed.
Next step is to choose the bank, and press submit, you will be taken to the bank internet login website. This is a SCAM page, where you are expected to enter your internet banking credentials. In the attached images, please take a look at the address bar in the screenshot images. This is their own SCAM website.
What happens when you login using your internet banking credentials in this website? You have entered your username and password in the SCAM website, and now your credentials are safely stored in their database in their website. This can be used by the them to hack into your bank account and misuse your bank account.
I have used a few of the bank websites that were mentioned in the SCAM website, and the screenshots of the SCAM website look strikingly similar to the original net banking login pages of these banks.
Next time when you get some cheap tricky emails like this from SCAMMERS, please don't ever try to login or provide confidential information in any third party websites. Please use only verified websites of the banks.
Please pass this information to your parents, and others who might be having difficulty in distinguishing between the actual and SCAM websites.
REPLICA OF CITI BANK LOGIN
HDFC BANK REPLICA
ICICI BANK
AXIS BANK
When I choose Other banks, it just asks for Customer ID and password without the bank page.
Such an organised crime it was.