I had in no way thought of writing this post today; it was not in my list of scheduled posts. But I was just going through my spam folder and found a phishing email claiming to be from “Bank of India”, though I have no accounts in that bank. It talks about installing Enhanced Online Security and hence wants the customers to reactivate their online account by submitting details again.

First of all, let's talk about what a phishing email is. A phishing e-mail is one disguised as an official e-mail from a (fictional) bank. The sender attempts to trick the recipient into revealing confidential information by “confirming” it at, or directing it to, the phisher’s website. Although the URL of the bank’s webpage appears to be legitimate, it actually links to the phisher’s webpage.

I have pasted the email above. Even though I knew at first sight it was a phishing email, many innocent and ignorant guys will think it's a genuine email.

Now, let's talk about how to recognize that it is a phishing email. First of all, a bank will never send you emails like this, which require you to reactivate your account, even if it installs a new security system.

Now, if you just hover your mouse over the link that asks to be clicked, you can see the actual URL in the status bar (at the bottom of your browser). If you haven’t enabled the status bar, just right-click on the link and copy the URL. Paste the URL anywhere, even into the browser, but do not open it. You will see it's pointing somewhere else instead of your normal bank website.

You should never click a URL in an email if it's related to your banking, personal or financial matters.

I went a step further and opened the link in the browser. The link led me to a webpage similar to the Bank of India login page. Just have a look.

The webpage looks a bit topsy-turvy, the reason being that I opened it in Firefox on Ubuntu inside a virtual environment. It will perhaps look good in IE or on Windows.

You can easily tell it's a phishing URL if you look at the final webpage URL. First, it won't have a secure connection, which means it won't have https in the URL, just http. It may also contain just numbers (an IP address) instead of the bank's domain name.
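The link checks described above (where the link really points versus the bank's own site, http instead of https, numbers instead of a domain name), as an added Python example that is not part of the original post. `bank.example` and `203.0.113.7` are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):  # accepts scheme-less text such as 'www.x.example/a'
    return (urlsplit(url if "://" in url else "//" + url).hostname or "").lower()

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_link(href, text, bank_domain):
    """Return the warning signs from the post that apply to one link."""
    findings, host = [], host_of(href)
    if urlsplit(href).scheme != "https":
        findings.append("not-https")           # plain http, no secure connection
    if is_ip_literal(host):
        findings.append("ip-literal-host")     # numbers instead of a domain name
    if host != bank_domain and not host.endswith("." + bank_domain):
        findings.append("not-bank-domain")     # points somewhere other than the bank
    if "." in text and " " not in text and host_of(text) != host:
        findings.append("text-href-mismatch")  # shown URL differs from real target
    return findings

def scan_email_html(html, bank_domain):
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text, bank_domain) for href, text in collector.links}

# Constructed sample body; bank.example and 203.0.113.7 are placeholders.
SAMPLE = ('<a href="http://203.0.113.7/login.html">https://www.bank.example/login</a>'
          ' <a href="https://www.bank.example/help">Help</a>')
```

Calling `scan_email_html(SAMPLE, "bank.example")` returns a dictionary mapping each link target to its list of warning signs; an empty list means none of these checks fired, not that the link is safe.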

I went one step further. I logged in using a simple username “phishingtest” and the same login, and it moved to the next screen.

The next page asks you for everything, starting with your debit card details, ATM PIN and transaction password.

So if someone falls into this trap, all his information is lost and is available to the phishing guys. I wrote all this in such detail for novice users, who can be victims of phishing emails like this.