July 2010 was the month for phishing attacks on Indian banks. A three percent increase in phishing attacks on Indian banks from the previous month has been observed. In particular, Symantec has observed phishing websites that spoofed the Oriental Bank of Commerce—several phishing URLs spoofing the bank were reported in the month of July. In fact, the bank was one of most targeted Indian banking brands during the month. The phishing site that spoofed the login page of the bank asks for confidential information, such as the customer’s e-mail ID and transaction password. The fraudster’s motive of stealing the login credentials was financial gain. A free webhosting site hosted the phish site. It is quite evident that fraudsters are targeting Internet banking users by increasingly creating more phishing sites and spoofing as many popular Indian brands as possible. Online banking users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams: • Do not click on suspicious links in email messages. • Check the URL of the website and make sure that it belongs to the brand. • Type the domain name of your brand’s website directly into your browser’s address bar rather than following any link. • Frequently update your security software, such as Norton Internet Security 2010, which protects you from online phishing. ------------------- Note: My thanks to this blog's co-author, Ashish Diwakar.