But what the email said and what it wanted us to do made me slightly suspicious. Read on to find out how smart and intelligent hackers and spammers have become. The email was so legit that if I hadn’t been careful some moron hacker would’ve got my HDFC Bank NetBanking ID, password and all other authentication information.
What the email looked like:
That looks perfectly legit right? The Logo, the email address etc??
Things that Raised Suspicion:
1. If the bank upgrades its security server, it does not mean that the security information entered by existing users will be lost. I work for a Bank and I know this for a fact. Whenever any upgrade happens on the bank’s side, none of the existing customer information can/will be lost or missed. Even in the remote probability that you are the one-among-the-billion bad luck guy whose information was lost, the bank will call you by phone and ask you to visit the branch to get it fixed. They will NEVER and I mean NEVER send such one-sided emails that ask you to update some info in some random website.
2. Why follow an attached email? Why not place details in the same email?
3. No bank can suspend services to a customer unless there has been actual illegal activity on the bank account. Unless you are a smuggler or a drug dealer, this “Account being Suspended” cannot be done without proper reasons. Even in such cases, a hard copy letter will be sent to the customer’s residence address with steps to follow, which you must do by visiting the branch. Even in this internet age where everything can be done via computers, banks still expect the customer to visit the branch for certain critical activities, and “Our account being on the verge of Suspension” is one of them…
4. The Attachment was not a document or an email as claimed. It was a .html file.
Did I stop?
Of course not. Though I was suspicious, I thought this would be an opportunity to find out how smart hackers have become and most importantly to share such malicious emails with my beloved blog readers…
The Attachment Read as below: (Again with all legit HDFC Bank logo)
We are sorry for any inconvenience this may cause you. Please kindly click on “NetBanking Instant Update” below to update your account
NetBanking Instant Update
NOTE: You are strictly advised to match your information correctly to avoid service suspension.
Thank you for banking with us
Online Security Team
When I clicked on the link it took me to a page that looked exactly like the HDFC Bank’s net banking web-page. My first reaction was plain and simple “Freaking WOW!!!” see it to believe it…
Can you spot the difference??? The website reads srfeliu.es and not hdfcbank.com…
Ok… I did not stop here. I went ahead and entered 12345678 for the 8 digit customer id in this page. Guess what happened?
It took me to a page that looks exactly like the next page that comes up when you login to your hdfc bank account. To make things interesting the Customer Id field is now “Undefined”. An unsuspecting customer might think that this is because his account is suspended and quickly enter the password and hit continue… I knew this was a fake and so entered some random password and hit continue…
You won’t believe what happened next. It took me to a page that asks me to enter my bank account number, my ATM card number, the PIN, the expiry date and my phone number. All the info that is needed for someone to use your account information, right??? I gladly entered some nonsense information in the website and clicked continue…
Remember – no bank will ask you to enter all this information in their website. They already have it. Think this way – if you were a bank and issued debit cards and bank accounts to customers, would you ask them to enter them again and again every time there is some upgrade in your system? Most importantly, why should I enter my ATM PIN and card expiry date? All these are red flags that you must think of before you enter any personal information in any website.
You will never believe what happened next… I was taken to a page with the same stupid URL but that looked exactly like HDFC Bank’s home page, perfect with all those flashing animations on the home page that were added just a few weeks ago… see it to believe it.
Do you know the best part??? If I click on NetBanking and hit the login button in this page, it takes me to the actual HDFC Bank internet banking login website. I checked the URL of the page and it read “hdfcbank.com”. If I had entered my details in that page and logged in, the system would’ve let me log in because after all it is the actual HDFC Bank website, and as a customer I would’ve been relieved that after I entered my details the system let me log in. But the point here is, the hacker now has all the information he needs to drain our account of all the money we have…
I did not enter my details in that page. I cleared my browser cache and temporary internet files to ensure that even if this random URL had placed some cookies to track my browsing, they will be cleaned up.
If you receive any emails like this (irrespective of the bank you have an account with) please delete them immediately. Do not click on any of the links in the email. Unless you are extra careful & cautious, it is extremely easy for hackers to gain possession of valuable information that can prove extremely costly for us…
Things to check & do
1. NEVER click on links in such emails
2. ALWAYS type the website/URL of your bank in the browser yourself. Be it icicibank or hdfcbank or some tomdickandharrybank. Make sure you enter it yourself.
3. ALWAYS check if the website prefix is https and not http. If you check the URL in this hoax website it is http because getting a security certificate for a hoax website is not that easy. If the website is your bank’s legit internet banking website, it will have the https prefix.
4. NEVER enter your personal information like bank account number, ATM card number, credit card number, card PINs, CVV numbers, expiry dates etc. in any website that wants you to enter them for some random confirmation or verification. Even if it is a legit website, they will never ask for your ATM PIN. Legit payment transaction websites ask for card number, CVV number and expiry date but that is perfectly legal and they will not misuse the info you enter. So, be careful when you enter such information.
5. ALWAYS update your anti-virus signatures and definitions to ensure that malware and spyware will be caught & taken care of by the anti-virus software before they do any actual damage…
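The checks from this post, applied to an HTML attachment by a short Python script. This is an added example, not part of the original post: the sample markup, the /update path and the atm_pin field name are constructed, and the field-name pattern is only a rough heuristic. The host comparison is the important check, which is why it rejects lookalikes such as hdfcbank.com.example.net.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

EXPECTED = "hdfcbank.com"  # domain the post names as the real bank site
SENSITIVE = re.compile(r"pin|cvv|expiry|card|password", re.I)  # heuristic

class Scanner(HTMLParser):
    """Collect link/form destinations and sensitive-looking input names."""
    def __init__(self):
        super().__init__()
        self.targets, self.inputs = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.targets.append(a["href"])
        elif tag == "form" and a.get("action"):
            self.targets.append(a["action"])
        elif tag == "input" and SENSITIVE.search(a.get("name") or ""):
            self.inputs.append(a["name"])

def is_bank_host(host, expected=EXPECTED):
    # Exact match or a true subdomain; "hdfcbank.com.example.net" must fail.
    host = (host or "").lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

def red_flags(filename, html, expected=EXPECTED):
    flags = []
    if filename.lower().endswith((".html", ".htm")):
        flags.append("attachment is an HTML file")
    scanner = Scanner()
    scanner.feed(html)
    for url in scanner.targets:
        parts = urlparse(url)
        if parts.scheme not in ("http", "https"):
            continue  # skip mailto:, relative links, etc.
        if not is_bank_host(parts.hostname, expected):
            flags.append(f"{parts.hostname} is not {expected}")
        if parts.scheme != "https":
            flags.append(f"{parts.hostname} is not served over https")
    flags += [f"form asks for {name}" for name in scanner.inputs]
    return list(dict.fromkeys(flags))  # drop repeats, keep order

# Constructed sample modelled on the attachment and card page described above.
SAMPLE = """<a href="http://srfeliu.es/update">NetBanking Instant Update</a>
<form action="http://srfeliu.es/update"><input name="atm_pin"></form>"""

if __name__ == "__main__":
    for flag in red_flags("update.html", SAMPLE):
        print("RED FLAG:", flag)
```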
Last but not least, forward the link to this article to all your friends and relatives who may or may not have an HDFC Bank account. They definitely need to know that such a spam email is doing the rounds so that they can safeguard their hard-earned money…