15 November,2010 07:18 AM IST | | Shashank Shekhar
Rs 1,31,000 stolen from bank account over one week
Beware of replying to any e-mail purportedly sent by your bank without proper authentication. Vivek Dabral has learnt this the hard way. All the Noida-based marketing executive did was reply to an innocuous looking mail.
"In the month of October I got a mail from my bank asking me to verify my account details.
Representative pic
The mail appeared so authentic that I replied and didn't even check my account. Although it was a salary account but I was using it for my savings. On November 11 when I tried to open my account through the Internet, I couldn't do so with my existing password. I asked for a new password after and when I checked the account I found Rs 1,31,000 missing. I immediately informed my bank," said Vivek.
The money was so smartly withdrawn from the account that no one could smell any foul play. "There was Rs 1,42,000 in my account and now only Rs 10,531 is left. According to the bank statement, from October 25 to November 1, the hacker made 146 transactions from my account and the maximum amount which was withdrawn from my account was Rs 2,000.
Most of the transactions were of mobile payment from Mumbai and Gurgaon. Fortunately 13 transactions made returned as refund as transactions failed. I have given a written complain to the police and have asked for complete details from the bank," said Vivek.
The mail which pretended to have come from the bank mentioned: "In view of the Govt. of India directive to mobile operators, all the corporate SMS messaging services have been blocked till 11th of October 2010. This period may increase.
In view of this exigency, Axis Bank Net Secure Code and transaction alerts delivery has been affected. Therefore, till the Govt. of India permits restoration of the system, Axis Bank customers may not be able to conduct Internet Banking transactions that use SMS for delivering the NetSecure code. This is a regulation by Govt. of India and beyond Axis Bank's control.
We have attached a form to this email. Please download the form attached to this email so that you can fill and submit it online to us. To enable us serve you better."
Like most other banks, Axis bank too has issued an advisory. "Axis Bank does not ask for personal security details like your Internet banking or phone banking passwords on the email, phone or otherwise. Never disclose your passwords to anyone, even to the bank's staff. In case you get an email or a phone call asking your personal security details or a Bank staff approaches you to disclose your password, please report to us. You can send an email to ibrm@axisbank.com."
What is phishing |
Phishing is a technique employed by scamsters to illegally procure personal information like account numbers, Internet banking user ids and passwords, etc. The most frequently used method is to send a spam email to a large database of email ids say, all gmail ids or all yahoo ids. The spam email is designed in such a way as to look exactly like an email sent by the targeted company / bank. The email simply asks the recipient to click on a link and enter their user id and password. Different techniques are used to lure the recipient to click on the link: validation of account information, threat of account suspension, etc. |