Spoofing

What Is Spoofing?


Website spoofing is the act of creating a website, as a hoax, with the intention of performing fraud. To make spoof sites seem legitimate, phishers use the names, logos, graphics and even code of the actual website. They can even fake the URL that appears in the address field at the top of your browser window and the Padlock icon that appears at the bottom right corner.

How The Fraudsters Operate?


Fraudsters send e-mails with a link to a spoofed website asking you to update or confirm account related information. This is done with the intention of obtaining sensitive account related information like your Internet Banking User ID, Password, PIN, credit card / debit card / bank account number, card verification value (CVV) number, etc.

Tips To Protect Yourself From Spoofed Websites


  1. ICICI Bank will never send e-mails that ask for confidential information. If you receive an e-mail requesting your Internet Banking security details like PIN, password or account number, you should not respond.
  2. Check for the Padlock icon: There is a de facto standard among web browsers to display a Padlock icon somewhere in the window of the browser For example, Microsoft Internet Explorer displays the lock icon at the bottom right of the browser window. Click (or double-click) on it in your web browser to see details of the site's security.


  3. It is important for you to check to whom this certificate has been issued, because some fraudulent websites may have a padlock icon to imitate the Padlock icon of the browser.

  4. Check the webpage's URL. When browsing the web, the URLs (web page addresses) begin with the letters "http". However, over a secure connection, the address displayed should begin with "https" - note the "s" at the end.
    For example: Our home page address is http://www.icicibank.com. Here the URL begins with "http" meaning this page is not secure. Click the tab under "Login". The URL now begins with "https", meaning the user name and password typed in will be encrypted before being sent to our server.
  5. Sample Spoofed Site

    Genuine Site