SBI Customers Beware of Phishing Mails!

by CXOtoday Staff    Nov 16, 2006

‘Phishing’ has now laid its bait at the unsuspicious State Bank of India (SBI) customers. Websense Security Labs has issued a statement saying that net banking customers of SBI are witnessing increased phishing mails.

The customers receive a spoofed email message claiming a need to update banking information for server upgradation. The email provides a link to a phishing site that attempts to collect personal and account information, the statement said.

The Phishing email text is reproduced below:

Dear valued SBI Netbanking Customer,

SBI’s Internet Banking, is hereby announcing the New Security Upgrade. We have upgraded our new SS: servers to serve our customers for a better and secure banking service, against any fraudulent activities. Due to this recent upgrade, you are requested to update your account information by following the reference below.

Customers Service
State Bank Of India

The phishing site was hosted in the US and was up at the time of this alert.

The lab has received similar reports from other banks as well. However, SBI is the only Indian bank, among these.

It may be recalled that in the month of July, anti-virus and content security software provider, MicroWorld Technologies discovered a phishing mail in the name of ICICI bank, targeting customers aiming to con them into revealing sensitive financial information.

Though, phishing is a new phenomenon in India as compared to the US, South America and Europe, but it has witnessed an increase, specially among bank customers opting for net banking.

An anti-phishing working group report published last June said that phishing incidents in April 2005 rose to 15,050 globally.

The number of unique crimeware instances detected which were dedicated to password stealing nearly doubled from 79 in May to 154 in June. In a similar trend, the number of password-stealing malicious code URLs detected grew from 260 in April to 495 in May and to 526 in June, the report stated.