Don’t Get Trapped

This just an awareness for my blog readers . Think of the bad time when you go to your nearest ATM and find out that your bank balance is NILL. Because someone (a bad guy) hacked your account and transferred all your HARD EARNED money. The thing is that if you get hacked its your mistake even !!!. Hacking is not a voodoo magic that someone twitches his wand and empties your bank account. They either exploit a flaw or make your fool and take away your credential from you only. One of such process is called PHISHING.

In Phishing what a bad guys simple does is create a fake login page which resembles the real login page of your bank website’s customer login page but ITS HOSTED ON HIS OWN SERVER. So when you logging in such types of fake login pages the user name and password gets saved into his logs and thus he has all your passwords .

Today I got a mail by one of such bad guy.

at first it might look a real mail from RESERVE BANK OF INDIA . You can see the email is from no-reply@rbi.org.in . But actually it not so. The email system we used today has a flaw that allows anyone to send mail with anyone address. That is called email spoofing . That I will discuss some other day . And you might notice there is a link .
when I opened the link it got redirected to

http://www.classic-gallery.ru/images/smilies/RBI-EDITED/RBI-EDITED/RBI/index.htm

and when clicked over any banks link . It will ask you your bank user id and password .

But if you actually see the link. The login mechanism is being served from http://www.classic-gallery.ru
A Russian domain !!! which is in no way associated to RBI or any other INDIAN bank. So NEVER EVERY TRY TO LOGIN TO THESE TYPES OF FAKE PAGES.

So the best way to avoid your self from getting hacked is to check the URL bar before logging in . And be sure to check that ITS YOUR BANK WEBSITE in which you are logging in not any other.