Monday, September 8, 2008

Phishing: Security Alerts From HDFC Bank

There was a wave of emails coupled by phishing attacks for ICICI
Bank customers and it has considerable slowed down. Today I saw this
email in my inbox claiming to be from - Which
says it is a Security Alert that I need to enter my Customer ID and
IPIN so that the technical Crew HDFC can perform a security upgrade.

You can see the actual Email below.

There are many mistakes in this email and I wonder why the AntiSpam didn't pick it up.

The SPF test for this Email Server Fails, It is coming from -, Located in Canada where as is a different IP altogather.
2) The Link is pointing to instead of HDFC Bank.
3) AnyBank will not send an email which such poor layout.
4) No Bank will send such an email to its customers to enter their Login details on a website.

kind of Phishing attack is nothing new, But looking at the recent
pattern's of growin phishing attacks and web malware there is lot more
of such Phishing scams to come with localised version, specially
targetted for Indians.

First it was ICICI Bank Now its HDFC and soon it might be AXIS or SBI.

play safe, Don't click on any such links in email, your bank will never
ask you to verify your login details or credit card number(They already
have those details).


No comments: