Attention: All SBI users, beware of new phishing site.

[nRiTeCh]

I just received an email stating it is from SBI about their new security system and asked to me to click on the link which takes to their so called new homepage:- Welcome to OnlineSBI :S

here is the email copy.

[attachment=7073:12981.attach]

I doubt that the site is fake coz it doesnt start with https:// but rather with http://.

Moreover, the new site provides no identity information but almost looks 99% similar to the original ones.

So beware if you receive any such mail.

To make internet transactions always access SBI here:- https://www.onlinesbi.com/

Mods if its a double post you may delete it.

 

[dexBG]

I guess the ALTINYILDIZ Pu-Pvc Sanayi ve Tic. A?. should be the give-away here ..

thanks for the Heads Up.

Original :

This site uses highly secure 256-bit encryption and is compatible with Microsoft Internet Explorer 7 and above or Mozilla 3 and above. If you have an older version of Internet Explorer or Mozilla, please upgrade your browser.

Fake:

This site uses highly secure 128-Bit SSL encryption and is compatible with Microsoft Internet Explorer 5.5 and above or Mozilla 1.5 and above. If you have an older version of Internet Explorer or Mozilla follow these links to upgrade.

Good attempt though I must say ..

 

[Bl^nK]

The domain records show that the registrant is based in turkey

Domain Name: SE*******.COM 

Registrant:
    None
    Vehbi YILDIRIM        ()
    Sarigulluk Mah. 18. Sok. Kerem Apt. No:20/6 Sehitkamil
    Gaziantep
    Sehitkamil,27060
    TR
    Tel. +00.05065939924

But in any case i think you should remove the link to the website as the site may possibly be malicious in nature (using some browser exploit pack) and can infect the visitor's machine.

BTW thanks for sharing

 

[mk76]

Thanks for heads up.

 

[arun687]

Damn that site looks almost the same. Thanks for the heads up.

BTW, I follow a practice where all financial websites addresses are bookmarked and I go to them only through the bookmarks. Better not click on any email's link and login, even if it's from the legit site. Just read the email and if needed to login, use bookmarks to go to the site. Safer.

EDIT: Tried to login using bogus info and Norton promptly blocked the site. :cool2:

 

[MohitPreet]

now when i tried opening it says "account suspended"

 

[NAV33N]

^ same here.

 

[nRiTeCh]

yes now mozilla is reporting it as WEB FORGERY & in IE it says This Account Has Been Suspended.

i guess by now they might have gathered a/cs of many innocent sbi holders. Poor people. And so they might had closed the site. Or the site was closed by the domain due to complaints.

 

[jojothedragon]

SBI will never email you on security matters such as your pass or id.

--- Updated Post - Automerged ---

WOW! quick heal blocked it. phew!

 

[kris]

Whoever wrote that fake mail did not care much to check the spelling and grammar.. 'mixmium' security?

 

[jojothedragon]

:rofl:

Lame Pishers :baby:

 

[siril_k]

are the login details of SBI Bank a/c for such phishers of any use, bcoz SBI uses SMS based security for any transaction, password change or any any change on a/c so is it of any use of hacking the a/c? The user can reset the pass by going to bank or use SMS service.

SBI is been following SMS based security for ant TXN since 3-4 months..

 

[nRiTeCh]

for new a/c holders yes the sms based security services come complimentary but for old users it needs to activated on request.

 

[arun687]

are the login details of SBI Bank a/c for such phishers of any use, bcoz SBI uses SMS based security for any transaction, password change or any any change on a/c so is it of any use of hacking the a/c? The user can reset the pass by going to bank or use SMS service.

SBI is been following SMS based security for ant TXN since 3-4 months..

It's not just the login details. I tried with bogus login info and continued by ignoring warning from Norton. Then there came a page where we had to enter all the details, from CC number, PIN, password, security question and all of that to 'verify' our account. So they can snatch the card details and use it.

 

[Gaurish]

are the login details of SBI Bank a/c for such phishers of any use, bcoz SBI uses SMS based security for any transaction, password change or any any change on a/c so is it of any use of hacking the a/c? The user can reset the pass by going to bank or use SMS service.

SBI is been following SMS based security for ant TXN since 3-4 months..

Believe it or not, these frauds will call you asking for that code you got on your mobile via SMS, saying they are bank employees. Many innocent people trust and give it out!!!

stupid people!

 

[hellfire]

Whoever wrote that fake mail did not care much to check the spelling and grammar.. 'mixmium' security?

Hahahaha maximum + minimum = mixmium

 

[pretttt]

Haha.. even I received this mail today.

It looked suspicious anyway, no details just a link as attachment.

 

[Decius]

Even I received this mail about a month back and I immediately did inform the online security team of SBI and they did promptly reply back to me asking me to provide the full details of the email. At first look it looks pretty authentic though

 

[RD274]

Fraud Warning

This site has been reported as fraudulent. Exchanging sensitive or confidential information with this site could put you at risk for identity theft and/or financial fraud.

Opera Software strongly discourages visiting this page.

Opera ftw ...

 

[Decius]

Even chrome shows up warning

Warning: Suspected phishing site!

The website at Account Suspended has been reported as a “phishing” site. Phishing sites trick users into disclosing personal or financial information, often by pretending to represent trusted institutions, such as banks.