I received an email yesterday from RBI stating that they are tightening their security controls for all the banks that come under. And, I must click on a link to start the process. The mail in verbatim as below, sans the url.
We have lunched new security, its mandatory for all customers in all banks in India, to get protected.
Kindly follow bellow, choose your bank and get started.
Start the process here
Reserve Bank Of India
The mail originated from Reserve Bank Of India firstname.lastname@example.org via triboo.it.
As I was reading this mail on my Samsung Note, I starred the message for later reading. When I read the mail again on my laptop this morning, something did not seem right. For starters, the mail is extremely generic and there was a spelling mistake. And, I have a number of bank accounts, so in effect I should have received a number of emails, which was not the case.
I wanted to follow the trail to see where it goes. And, the link took me to the page as displayed below.
The page gave me a list of Indian banks and I was instructed to click on my bank and the link led me to a fake site which looked exactly like my bank’s online portal. The ruse is that I need to enter my banking username and password and these details go into the scammer’s database, thereby stealing my bank login details. A classic case of online banking phishing.
What should you do when you receive such mails?
I was quite surprised that Gmail did not think that this was spam and was delivered to me on a platter. So, if you do receive such a mail, make sure you don’t entertain the phishers by clicking on the links and logging into your online banking system. If in doubt, call your bank to check to verify. Also, as a precaution, always log into your banking account by keying in the url rather than clicking on links provided on mails.