Just now, while I was on twitter, I received a tweet saying “Now, This is serious.. online banking fraud! http://bit.ly/W8WD4 ‘, So out of curiosity I followed that link to the blog post. It was, as it said, was about a phishing site. The post was Now this is serious!!! by Arnab Mitra on his blog Intelligent Marketing . In the post the author Arnab Mitra described his experience about Online Bank fraud. He first receives a mail (gmail filters failing )
(Image Courtesy- Intelligent Marketing - Now this is serious!!! by Arnab Mitra)
This mailer did look exactly like an alert from his bank, which needed an urgent attention. So he clicks on the link provided in the mail ( link: https://infinity.icicibank.co.in/BANKAWAY?Action.RetUser.Init.001=Y&AppSignonBankId=ICI&AppType=corporate&abrdPrf=N
This link actually shown is the correct bank link but actually it links to http://www.french-eng.co.uk/tmp/cache/indexx.html )
And if you click this link in FireFox, it allows it and looked exactly like the real banks page-
(Image Courtesy- Intelligent Marketing - Now this is serious!!! by Arnab Mitra)
So curiously I also tried it in Firefox which took me to this and when clicked on Personal Button opened the site as shown above, So Firefox failed to detect this phishing site.
Now I tried in my default Browser- My Internet Explorer 8, Yes IE8 !! And when I clicked on the link it took me to this -
(Click on the image to enlarge)
IE8 blocked the site and it clearly warned ‘This Website has been reported as unsafe’ and recommended not to continue to this web site. This is one example of Security feature in IE8.
Any common person who might have received this kind of fraud mail is most likely to fall in this trap. The author Arnab Mitra was attentive enough to have noticed this, though Firefox allowed it. I have heard and had seen screenshots of such sites earlier also, in that case ICICI only but after reading the blog post by Arnab, I also decided to try it. Thanks to Arnab, I’m also carrying his blog post forward and alerting people of such Phishing sites. I request to make use of IE8 which is one of the Safest browser. I always use IE8 for Online Transactions without fail. So this is why one should use IE8 . You can get IE8 from here , and its Free !
Recently I also had come across a post from IE8 team : Real-World Protection With IE8’s SmartScreen Filter™ which said -
“………However, phishing remains a prevalent and important threat to users as well. We’re continuously making improvements to our data sources and intelligence systems that deliver phishing protection. This continuous investment keeps IE in the market-leading position it established with the release of the Phishing Filter in IE7. Since then, Internet Explorer 7 and 8 have blocked over 125 million phishing attacks.
The newest NSS study included a test pass for phishing blocks. NSS Labs reported the following block rate for major browsers:
You can view the full NSS study at http://nsslabs.com/browser-security.
And this was a real world example where one can be easily cheated if he is not using IE8 or is not attentive enough.This is one of the reasons, why one should use IE8. Thanks IE8 !