BannerPortlet

Blogs

Bkis' malware monitoring system recently detects a new wave of attacks targeting the customers of Bank of India.

Bad guys fake the Bank of India to send mails to customers with content about online banking system upgrading, detail is as followed:

BankofIndia1

Bad guys will trick users into clicking the embedded link in  the email leading to a website with the interface similar to that of the genuine site. The account information of users will be stolen as soon as they type in the information at this fake site.

BankofIndia2

 

Fake website

If users do not pay attention to the domain name on the address bar, it would be really difficult for them to distinguish the fake and real websites.

BankofIndia3

Genuine website. Can you distinguish the two websites?

One more noticeable point is that: there is one warning about “Phishing attacks and Vishing attacks” right on the fake website :). The bad guys manage to built an almost-identical website, even including this feature. It is likely that Bank of India has also been aware of the attacks and is trying to  warn its clients.

These fake websites have variable domain names and is in no way related to banking. In some other similar phishing attacks, bad guys often create  domain names similar to the real websites, which makes it easier to fool users. In this case, there is a high possibility that the hackers have hacked some web server then taken advantage of the server to build phishing sites.

Analyst: Toan Duc

Leave a Reply

Name (required)
Mail (hidden) (required)
Website
Text to Identify
Reload-Capcha
CAPTCHA Code *

Popup Date Time Portlet

Blogs Aggregator

Blog Category Portlet

Categories

Store Portlet

Archives

Vote Baby Portlet