How to Escape from Phishing

Just few minutes back, I received an email from a popular bank in America about locking of my banking account and requested me to re-login to activate it. I was very happy by looking at the email because of the humor. The simple reason for my laugh is that “I do not have an account with any bank in America. Neither I had one”.

Being interested in Security (these days, I am much inclined towards web application security), I could readily understand that it was phishing. Luckily, it got into my SPAM folder and that positively confirms that it was phishing. I clicked the link and I could see the exact replica of the original site. This is was my impression at the first sight but after carefully watching it for 2 minutes, I can notably see minute differences between the fake and original web site.

For me it was funny as I did not have an account and so I was able to come to a conclusion. Think about people who have an account and the email was delivered to account holders. If the users are not security literate, this can possibly lead to monetary losses. What one needs to do when such an email comes in.

1. First, take the email and do not read in a hurry
2. Spend few minutes to read and re-read, re-read, re-read carefully.
3. If you are good in English (any language) grammatically and syntactically, you will find hell a lot of mistakes. This is enough to confirm phishing as banks never make these silly mistakes in simple English. Also you can find a lot of punctuation errors. This is common mistakes one can find in fake sites.
   
4. Check the origin email account. Usually, the banks will send emails from their domain name.
5. Follow the link and check the address bar. Verify the website. It should resemble your bank website. But you will find mistakes.
6. The email will also have a sense of urgency. For example, take action in next 24 hours.
7. Once you doubt an email, notify the bank (just forward the email you received).
8. Login to the bank account by typing the bank url (if you need) and not by clicking a link in the email. You can notify your friends, a social service
   

The following snapshot is a phishing mail. Check out for errors.

After Two Days
It is in fact, a phishing. I confirmed it after two days the site was blocked and the server was down. The following is the snapshot I took 2 minutes back.