NEWS FROM THE LAB - Wednesday, October 6, 2010

Can you spot what's odd in this image?
Posted by Response @ 07:02 GMT


Congratulations, you noticed the mismatch between the page contents, clearly for a bank, and its dubious URL! An extra point if you suspected something is off in Step 1. That is because on the actual login page, users are reminded to verify that they are at the correct URL. Other than these two differences, both pages look identical.

It all started with an e-mail, apparently from the Indian Income Tax Department, notifying you that you are eligible for a tax refund. The "From" address was spoofed to make it more believable.

Income Tax Department e-mail

Then, you know how the story goes: you click on a link, are tricked into entering credentials, and the bad guys suddenly have access to your bank account.

Always keep in mind that no authority would ask you to perform a confidential action or reveal sensitive data via e-mail. In this case, all the needed information was already collected when you filed your taxes. On its website, the Indian Income Tax Department warns users of this phishing attempt and advises people to ignore such e-mails.

To our Indian readers, don't forget to file your income tax (if you haven't done so already).

Thanks to Kandru and Venu for the tips.


Updated to add: post edited to highlight the phishing elements.