The online banking credentials of Indian Internet users are targeted with the aid of phishing emails that purport to come from the Reserve Bank of India.
The clever thing about this phishing scheme is that it doesn’t target the information of a certain bank’s customers. Instead, it’s designed to steal information from the clients of numerous financial institutions, including ING, Barclays, CitiBank, RBS, HDFC Bank, Indian Bank and ICICI.
The emails, entitled “All Indian Banks Customers Online News Update” read (via Hoax Slayer):
“Dear Indian Bank Customer,
Reserve Bank Of India, has lunched a new online security protection, for all banks in India, to reduce fraud and theft in various banking system.
This is to enable all customer's online banking in all Indian Banks to get protected and Secured.
Reserve Bank Of India, has introduced a new online protection, called, "Netsecured".
It's mandatory that all online banking customers in all various banks in India, must update with us to get his/her online bank account secured and protected.
Kindly follow the Official update website link below and select your bank to get your Account Secured and Updated.
Click on our official website below to get started.
Thank you for banking with India.
Reserve Bank Of India
In reality, there’s no “new online security” protection. Instead, this is a scam that can help cybercriminals in harvesting sensitive information from a large number of Indian bank customers.
The phishing website requests victims to enter their login credentials, along with other account and credit card information.
Users are advised to beware of such emails and such websites. If you’ve just realized that you’re a victim, immediately contact your financial institution and have them enable account monitoring services.