For quite sometime now we have been actively monitoring phishing attempts on Indian Banking websites. Almost all of the times, it has been observed that the email-ids being used to collected the phished data had Indian traces or at the least, gmail / yahoo email-ids being used for the purpose of collection.
However, this time around, when we intercepted a similar phishing attempt on ICICI Banking customers, it was observed that Russian email-ids were being used for collecting the phished data.
Source Code
ICICI Bank Phishing Site
Anyone in this world is free to use Russian email services, however the main language is Russian and for a person who wants to collect the victims data, will seldom go to the extent of utilizing Russian based services, unless and until their primary language is Russian.
Secondly, previously known phishing attempts were already using gmail / yahoo , so logically the question arises – why would they digress away from a service which they have been using for such a long time?
Has the Russian Criminal Network found India to be a lucrative hunting ground? Logically, I can only summarize that, the previous gang was finding Indian Banking customers as a very easy target due to which , they never ceased their phishing expeditions and in all probability Russian Criminal Network might have observed this upward trend and decided to put in their few cents of efforts to tap into the Indian online banking scenario.
Overall conclusion is all the Indian Online Banking users , irrespective of the Bank , need to be extra careful and Indian Banks should be more vigilant about these attempts.
Till then, stay safe.
