Thread: Fake emails from ICICI account

Guys look what I have received today in my inbox:

From:
"ICICI Bank"<info.security@icicibank.com>

To: <recipients undisclosed>

Subject: Alert!! Your Online E-Banking Account has been Violated

Date: Wed, 19 Aug 2009 02:58:48 IST


Dear Valued Customer,

We have been forced to an unusual system upgarde, which lead to the suspension of all online accounts.

We therefore request that you update your banking details, for your online https://reactivation.personal.icicibank.com/rea ctivate_acct.jsp


Thank You.
ICICI Bank
Online Banking Customer Services


--------------------------------------------------------------------------------
Important Notice:- You are strictly advised to match your details correctly to avoid permanent account suspention.

ICICI Bank PLC. Registered Office: 9th Floor, South Towers ICICI Towers Bandra Kurla Complex Bandra (E) Mumbai.
Registered Number 2294747. Registered in India.
Authorized and regulated by the Financial Services Authority. FSA registration number 106054. For
more information visit www.fsa.gov.in/register. ICICI and the ITS logo are registered trademarks.

The email is totally blurred which itself describes the story.

The motive of this thread is to make you guys aware that please don't go and update your personal details like username, password, DOB etc. as these emails are totally fake. Try to contact your branch and speak with the officials.

this's the message i got when i tried to visit the link in the site !

123.PNG

Thanks for the info manish :thumbup:

Thanks Manish. Deserves a rep +

Thanks NP and dilip.

Thanks for sharing the info Bro. Repo+++

Originally Posted by Rameshjeee

Thanks for sharing the info Bro. Repo+++

Thanks Ramesh

It is good that you shared an important information. Thanks Dragon!!!

Just yesterday i got a nigerian sms. So i am replying to it. Maybe i get 100 million pounds as the sms tells. :tt2: i will be richer than admin. Haha

Originally Posted by mickey

Just yesterday i got a nigerian sms. So i am replying to it. Maybe i get 100 million pounds as the sms tells. :tt2: i will be richer than admin. Haha

Great. Best of lUck else see you in next life

Manish,did you info to icici bank about this. If not then info them.

I tried to find out their email address but on all their official sites they have online feedback forms. No email address provided. I managed to get one email address i.e. customer.care@icicibank.com, but not sure if this is authentical.

Any idea?

Do the following:

Go to ICICI Bank | Personal Banking | NRI Banking | Corporate Banking | Business Banking
Click on Personal under Login
Click on "Report a suspicious e-mail." link under the login button.
Enter the required details & click on Submit.

Refer the below screenshot for your help:

That was a phishing script sent to you by a cracker. But most dumb script & message ever to be written. More elegant way of phishing exists. anyway rep+ to dragon.

Originally Posted by Rameshjeee

Do the following:

Go to ICICI Bank | Personal Banking | NRI Banking | Corporate Banking | Business Banking
Click on Personal under Login
Click on "Report a suspicious e-mail." link under the login button.
Enter the required details & click on Submit.

Damn, Logged in there hundred of times but never saw that link.
Thanks Ramesh, Reporting now.

Originally Posted by Luke Skywalker

That was a phishing script sent to you by a cracker. But most dumb script & message ever to be written. More elegant way of phishing exists. anyway rep+ to dragon.

LOL...Thanks Luke.

Please don't write a good script for them.

That method is simple. Time-out the user & give him script then . That's why whenever time out happen, I always do refresh. So that fake packets send should be removed & new one come. That's why I will recommend whenever anyone having time out to refresh his page.


This method is not used much because it is too difficult for script kiddies which are major cause of concern. But a cracker will always use this method. This method hardly raises anyone suspicions.

Done...........

icici.JPG

Originally Posted by Luke Skywalker

That method is simple. Time-out the user & give him script then . That's why whenever time out happen, I always do refresh. So that fake packets send should be removed & new one come. That's why I will recommend whenever anyone having time out to refresh his page.


This method is not used much because it is too difficult for script kiddies which are major cause of concern. But a cracker will always use this method. This method hardly raises anyone suspicions.

Also read this everyone. This applies to any account whether bank or email or any other.

Thanks Luke for the valuable information. You are a master of all.

Originally Posted by Luke Skywalker

That was a phishing script sent to you by a cracker. But most dumb script & message ever to be written. More elegant way of phishing exists. anyway rep+ to dragon.

one thing I don't understand is that how domain name is same, and what is the meaning of error in post #2 ?

Originally Posted by Luke Skywalker

That method is simple. Time-out the user & give him script then . That's why whenever time out happen, I always do refresh. So that fake packets send should be removed & new one come. That's why I will recommend whenever anyone having time out to refresh his page.


This method is not used much because it is too difficult for script kiddies which are major cause of concern. But a cracker will always use this method. This method hardly raises anyone suspicions.

sorry can't understand, pls explain.

Np, you're contradicting my post :32:

Originally Posted by Dragon

Np, you're contradicting my post :32:

where , what , how

Originally Posted by newprouser

one thing I don't understand is that how domain name is same, and what is the meaning of error in post #2 ?


sorry can't understand, pls explain.

What is there to understand?Ever heard of forging. You first give a script which looks like ICICI & then when user type old info to confirm & change his info. His info is transfer to one who had send you the script.

Second one is based on network analysing. To understand you have to know that every info hat is passed can be sniff & anyone can send info in place of you & to you. That method is quite difficult to understand. You will have to study about network analyzing.

Originally Posted by Dragon

Thanks Luke for the valuable information. You are a master of all the crackers.

Dragon. Cracker word is saying me a rapist according to me . Apologize & edit it. I am not a cracker.

^ I apologies if you felt so, but I don't know the exact word.

P.S: Its really strange that you think yourself a rapist.

Originally Posted by Luke Skywalker

anyway rep+ to dragon.

Dhokha

Where is my rep?:32:

Cracker like rapists don't have any ethics but I have ideals & ethics. I will explain cracker hacker & script kiddies later.

Originally Posted by Dragon

^ I apologies if you felt so, but I don't know the exact word.

P.S: Its really strange that you think yourself a rapist.



Dhokha

Where is my rep?:32:

Recheck it now.

thanks, you're safe for now.