November 4, 2007

Phishing targets HDFC

Hey, i just got an email from "Service@hdfcbank.com".

The subject-line was really persuasive -
"Urgent Notification! Your Account is Suspended". Though "urgent" is considered as a spam word but this subject-line must have got them a good open rate.

It said that my account has been accessed from some foreign IP and as a precautionary measure they want me to login to my account. The content really enticed me to login to my account but then I remembered that I don't have an HDFC account ;-)

The landing URL of this email is

http://www.mycareerchange.com/chat/nick_image/page.html
( note that is not on https :-)

whereas the original HDFC URL is

https://netbanking.hdfcbank.com/netbanking/

So be careful and never share your account details on such emails.

I am attaching the email below.

-------------------------------

Dear Hdfc Customer,


We recently noticed one or more attempts to log in to your
Hdfc Bank account from a foreign IP address.

If you recently accessed your account while traveling,
the unusual log in attempts may have been initiated by you.
However if you are the rightful holder of the account.
Click on the link below to re-activate your membership and
follow the instructions carefully.

*Re-Activate My Hdfc Account*

If you choose not to complete the request, you give us
no choice but to suspend your account temporary.

It takes at least 72 hours for the investigation in this
case and we strongly recommend you to verify your account at that time.


Hdfc Bank Email ID hdfc9eh9

HDFC BANK LIMITED �2007. All rights reserved Terms of Use | Privacy Policy.