The number of email frauds occurring in India is on a rise. ‘Phishing scam’ refers to a fraudulent activity where the scammer sends fake emails to people and convinces them about the official validity of such mails.
Surprisingly, I have come across a few emails which are targeting the RBI, Reserve Bank of India, and are utilizing phishing tricks to gain information directly from the RBI. The phishing emails contain an HTML file, which upon execution displays a fake page. The page is a replica of the RBI online banking webpage.
It then asks the user to put their confidential information such as corporate ID, user ID, password, debit card no., ATM PIN no. etc. If a user enters this information and clicks on ‘Next’, then all that information gets transferred to the scammer.
The two images displayed above highlight the links where the dishonestly acquired information is transferred.