Internet is not a very safe place anymore, you need to keep very alert and aware of the details behind the emails that you get. Two days back I got an email from “email@example.com” email id. It did looks like legitimate email from the State Bank Of India at the first looks, but it was a fake phishing email from some cyber criminal. In this post I will show you how I identified that it was a phishing email.
There are a few points which I share with you here to identify if an email is Phishing attack email or a genuine email:
1. Check the email id of the Sender :
Most of the times, phishing emails will be from some domain which is not a genuine bank or organization email id. For example, in the above email, the senders id is firstname.lastname@example.org, whereas the official domain name of State Bank of India (SBI) is “www.statebankofindia.com” and not “www.sbi.com” . If you find the sender’s email id suspicions, this email might be phishing email.
2. Check the recipient email id:
If recipient email id is not visible or the email id is not your id registered with bank or organization, there are high chances that the email is a phishing email.
3. Information Requested in the Email:
Banks never ask you to provide your personal account details via email. Especially information like your login id and password of security questions. If the email is asking for any of these things, there are very high chances that the email is a phishing email.
4. Presence Of A Form or Link In Email:
Most of the phishing emails have links to login pages which look just like the official page of the bank or have forms which look like the login forms on the official website. Never click these links to open enter your bank details. If anyhow you want to access your bank or other details, type the URL carefully yourself instead of clicking the link in the email.
In the email I received, there was an HTML page attached as shown below, the page contained a malicious link with a fake form. The page looked exactly the same like SBI login page.
Attachment file containing phishing link
Fake SBI Login Page
To identify if a page is fake or genuine, see its URL carefully and click on the URL information box. It will show you certificate information etc. Also the browser will identify the https page, the genuine login pages usually start with https URLs while the fake ones will start with http URL.
Below is the genuine SBI login page which I opened manually by typing the URL of onlinesbi.com to compare it with the fake website link I got via email. It looks exactly the same, but the browser shows it green and safe, URL starts with https, also the URL has a valid digital security certificate and identification.
Genuine SBI Login Page
5. Presence of an Attachment File:
Usually banks send out only PDF or Excel files as attachments to their customers for the information purpose only. Many of these files are password protected to avoid misuse of Information. If you receive an HTML file, or HTM file, or MHT File or any other file containing links, the file might contain phishing links, spywares, viruses etc.. Never open such files until they are from a legitimate sender and to be sure, first scan the file with your anti-virus tool and then only open the file.
When I analyzed the file sent to me in this fake phishing email, I opened the HTML file and check the source, it contained the phishing URL which is “http://www.jonathangosselin.info/wp-online.php” which further redirects to “http://btsconferencing.net/koolslidemenu/sbi/indexx.html” which shows a fake SBI look-alike login page designed to steal people’s SBI login information and steal their money !
6. Warning Messages and Security Alerts
If you get a warning message or alert via email regarding any of your accounts or online profiles, its always recommended that you make a phone call to the bank or concerned organization and check with them if the alert is real or a phishing attack. If at all it is a real alert, then its recommended that you open the website by typing the URL and then performing the required action.
With all these cyber crimes and threats all around the Internet, we recommend you to stay safe and use some effective anti-virus tool. Also, be alert when you download any email attachment or click any link you got via instant messaging or email.
Hope these general guidelines will help you stay safe from online identity thefts and online security issues. You can get free email updates on more computer security tips by signing up for our free email newsletter.