Phishing: Security Alerts from HDFC Bank

Thursday, August 28, 2008

There was a wave of emails coupled by phishing attacks for ICICI Bank customers and it has considerable slowed down. Today I saw this email in my inbox claiming to be from netbanking@hdfcbank.com - Which says it is a Security Alert that I need to enter my Customer ID and IPIN so that the technical Crew HDFC can perform a security upgrade.

You can see the actual Email below.

There are many mistakes in this email and I wonder why the AntiSpam didn't pick it up.

1) The SPF test for this Email Server Fails, It is coming from 208.78.58.98 - host98.xicom58.juch-tech.com, Located in Canada where as Hdfcbank.com is a different IP altogather.
2) The Link is pointing to http://hdfcsecuredataaccess.agilityhoster.com/ instead of HDFC Bank.
3) AnyBank will not send an email which such poor layout.
4) No Bank will send such an email to its customers to enter their Login details on a website.

This kind of Phishing attack is nothing new, But looking at the recent pattern's of growin phishing attacks and web malware there is lot more of such Phishing scams to come with localised version, specially targetted for Indians.

First it was ICICI Bank Now its HDFC and soon it might be AXIS or SBI.

Just play safe, Don't click on any such links in email, your bank will never ask you to verify your login details or credit card number(They already have those details).

1 comments:

Anonymous said...

is there a way to stop spam ?

i get 3 personal emails and 150 spam email everyday like icici axis bank asking me to add my bank account details but i dont have account with that bank then why email me for it.

  © Blogger templates Newspaper by Ourblogtemplates.com 2008

Back to TOP