Hacked: Hacking Finance

Phishing Malware Strikes One of the Largest Private Banks in India


Lester Coleman


Lester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.



Comodo Threat Research Labs, a provider of computer software and SSL digital certificates, based in Clifton, N.J., has discovered a malware attack targeting ICICI Bank, a multinational bank based in Mumbai, Maharashtra, India. The bank has more than 4,000 branches and 13,000 ATMs in India.


Fake emails disguised as official bank notices ask recipients to update their banking details and say the update is mandatory. The sender is [email protected], which appears legitimate at first glance, but the domain name is not connected to the bank.


The fraud page on the bank’s website urges customers to report emails that claim to be from the bank and ask for sensitive information such as account number, PIN or password by forwarding the email to [email protected].

Email Seeks Personal Data

The phishing email asks victims to click a hyperlink, presented as mandatory, to fill in personal and professional information. The link leads to a landing page where they can choose to update personal or corporate information. Either choice takes the victim to a further page where they are asked to confirm information such as password, transaction password, user ID, debit card number and email password.

People receiving the email should look closely at the URL of the site asking for the information, Comodo noted in a blog post. The hosting site is not affiliated with the bank. It is: www.gomiapp.com/rajesh/images/patterns/icici/.
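The URL check described above can be automated on the defender's side. The following is an added example, not code from the article or from Comodo: the allowlist entry `icicibank.com`, the function names and the sample links other than the one quoted above are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: official registrable domains, maintained by the defender.
OFFICIAL_DOMAINS = {"icicibank.com"}
BRAND_KEYWORDS = ("icici",)


def host_of(url: str) -> str:
    """Return the lower-cased hostname, tolerating URLs written without a scheme."""
    if "://" not in url:
        url = "http://" + url
    # urlsplit() drops any "user@" prefix, so "bank.com@other.host" yields other.host.
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_official(host: str) -> bool:
    """True only for an official domain or a subdomain of one (label-boundary match)."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def classify(url: str) -> str:
    """Classify a link as 'official', 'brand-impersonation' or 'unrelated'."""
    if is_official(host_of(url)):
        return "official"
    # The brand name appearing anywhere in a URL served by a non-official host
    # is the pattern in the reported link, where the bank's name sits in the path.
    if any(keyword in url.lower() for keyword in BRAND_KEYWORDS):
        return "brand-impersonation"
    return "unrelated"


# First entry is the URL quoted in the article; the rest are constructed samples.
SAMPLES = [
    "www.gomiapp.com/rajesh/images/patterns/icici/",
    "https://www.icicibank.com/",
    "https://icicibank.com.login.example/update",
    "https://www.icicibank.com@evil.example/login",
    "https://example.org/news",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify(link):20} {host_of(link):28} {link}")
```

The third and fourth samples show why the comparison is made on the parsed hostname at a label boundary: a plain substring or prefix match on the official domain would accept both.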

The Comodo team identified the ICICI phishing email through domain, IP, URL and image analysis. The team notified ICICI of its findings.

“Through our specific IP and URL analysis – as well as the Comodo Threat Research Labs’ continuous monitoring and scanning of data from the users of Comodo’s security systems, our team was able to identify this specific phishing email scam and alert the public to it,” noted Fatih Orhan, director of technology for Comodo and the Comodo Threat Research Labs. “As a company, we work diligently to create innovative technology solutions that stay a step ahead of the cybercriminals and keep enterprises and IT environments safe.”


Ducking Phishing Scams

Customers receiving such emails should never provide this information in response, ICICI noted on its website.

Customers who notice an unofficial ICICI Bank website should advise the bank in writing at [email protected] and call customer care or visit customer service.

Comodo, in another blog post, noted that ransomware attacks are increasing. John Peterson, Comodo’s vice president of enterprise products and product marketing, said Comodo’s containment model allows unknown files to run in a protected environment until they are determined to be good, at which point they are released, or determined to be malware, in which case they are removed from the system.


Comments
  • user

    AUTHOR ICICI Cares

    Posted on 5:57 am February 25, 2016.

    ICICI Bank has a robust and multi-level security system for all its banking channels including our internet banking to safeguard our customers from fraudulent attacks including phishing.

    The phishing page which was hosted on the third-party website does not exist and hence, it does not pose any threat to our customers. In addition, we have a proactive monitoring process to detect such phishing pages/sites, which are immediately brought down. In order to expand the vigilance, we even request our customers to bring to our notice as and when they come across any such phishing site. ICICI Bank never asks for personal, account or financial information from our customers via e-mail or by directing them to a link online. On an ongoing basis the Bank advises its customers to not reveal their details to anyone. Readers and customers are requested to forward such e-mails to [email protected] along with your contact details.
