Though there weren’t any reports on financial loss due to this, no one has to think twice to understand the motive behind such an email. Fraudulent emails are becoming rampant as internet banking has grown in popularity. Lets try to examine a fraudulent email from real life so that you could identify it when one such arrives in your inbox one fine day. Let’s also go through a few measures that could be adopted so as to ensure that you would not be devastated by an innocent looking email.
Shown below is the screenshot of an email one of my friends got in his inbox. It’s supposedly from Bank of America saying that the bank requests the recipient to start a client details confirmation procedure. A link to click-on to start the confirmation procedure was also shown in the email.
A perfect link it was and when it was clicked, the following website got opened.
The site asked for the online user-id and password among several other details. It looked as authentic as it could be. For a reference, have a look at the actual BankAm website below.
Now what all are the catches. Let’s examine the email and the opened website in detail.
The sender’s id in the email was some reference number @ bankofamerica.com. How could this be possible? Is it possible for anyone to send an email with someone else’s email id at the sender’s place? The matter of fact is it is very much possible to send an email with someone else’s email id in the sender’s place. People who are working in the IT industry would vouch for it. You can feed in any address to the email sending function and it will send emails as if the sender’s email id is the one that’s entered.
Now the URL shown in the email is, http://www.bankofamerica.com/onlinebankingid1073531410/session.cgi
One would wonder what problem does this email have? The catch here is the address to which the URL takes you need not be the URL that is displayed on the email. Let’s have a look at the URL of the site that got opened when this URL is clicked. It is, http://www.bankofamerica.com.onlinebankingid1073531410.ezgor.biz/session
You may not see any difference between the two, but if you notice closely, there are a few changes in the two URLs. There is an extra ‘ezgor.biz’ in the site that has opened. Second thing is most of the ‘/’s in the shown URL are replace by ‘.’s in the site opened. Now in the internet world, a ‘.’ signifies a sub-domain of a main domain, like mail.yahoo.com of yahoo.com where as a ‘/’ denotes a sub-folder in a sub-domain or main domain. Now what this turns out to be is that bankofamerica.com.onlinebankingid1073531410 is the sub-domain of the site named ezgor.biz, which is a fake site opened by the frauds and is not the site of Bank of America. The sub-domain name is well crafted so as to look quite real. The fraud site was made to look exactly similar to that of Bank of America website so that people won’t feel the slightest of doubts about it.
In the internet world, such activities to get hold of confidential information by masquerading as a trustful entity are termed as ‘phishing’. New age browsers carry phishing filters along with it, which verifies the entered URL with universal databases of phishing site names and warns you in case the site is found out to be a phishing site.
Going forward, here are a few steps you could follow to protect yourself from being cheated.
Ever since its inception the internet has made our life simpler to a great extent. But every good thing has its own flip side. Spam and email fraud would account for that in the internet world. With a little care, enjoy your online experience to the fullest and make the most out of it.