Today for my email account [email protected], I received two emails from this domain “netpnb.co.in” with a subject “PNB- Your e-mail address has been successfully updated” and asked for my net banking details, stating that some one has changed my email account attached to PNB Bank and they sent attached a email reset form and asked to use that one.
Immediately I thought someone comprised my net bank account, but my inner sense told me to read that email clearly, so I went to known the origin of email and found that it is from fraudulent domain netpnb.co.in, but actually the real domain of Punjab National Bank for net Banking is Netpnb.com and another funny thing I noticed is, there is a lot of typos in that email. I read it some where that this is one of the identification of phishing emails.
The email reset form looked same as the PNB net banking form, but at same time it asked account password and Transaction password and the clever reset form is loaded with on-screen keylogger which even disabled Zemana Antilogger and this means what ever I type will be recorded and will be sent to those online crooks.
Another check is, I typed some details in that form and clicked “submit” button, Immediately it went to Pnbindia.in, which is another fake PNB domain and which completely looks like the real Bank domain.In tech terms it is called email phishing.
So I went to contact PNB toll free number 1800 180 222 (yeah free service, it sucks) and I received a number busy message for about half an hour. So I contacted the paid number “011-23708151 / 23716659” and reported this phishing attack. Alternatively I forwarded this email to [email protected] and asked them to take down that site.
Note: No Bank in India will send an email to you about your account password rest or Transaction password reset details. If you got these kind of details read the email twice and call your Bank Customer care.
So PNB users beware of these domains:
Below I will provide the Fraudulent email, that I received
From: Punjab National Bank [mailito:[email protected]]
Subject:Your Punjab National Bank e-mail adress was successfuly updated
Dear Punjab National Bank member,
You have added [email protected] as a new email address for your Punjab National Bank account.
If you did not authorise this change, check with family members and others who may have
access to your account first. If you still feel that an unauthorized person has changed
your email, submt the form attached to your email in order to keep your original email
and restore your Punjab National Bank account.
If you are using Internet Explorer please allow ActiveX for scripts to perform all data transfers securely .
Thank you for using Punjab National Bank !
The Punjab National Bank Team
Please do not reply to this email.
This mailbox is not monitored and you will not receive a response.
Copyright © 2010 Punjab National Bank. All rights reserved.
To see the Image clearly click this link http://i41.tinypic.com/2rrqxck.jpg
Thanks Ramakanth… I have one question. How did you check about on screen keyloggers..!!?
In this case the mouse pointer behaved suspiciously when I hover it on that site, Immediately I checked Zemana Antilogger on windows status bar, it was already disabled. When i tried to open it I got memory invalid error.