In good old days, when you carried money in your wallet, thieves pick pocketed you. As credit cards virtually replaced cash, tricksters stole your credit cards and tried to buy goodies from your cards.

Now many of your financial activities are being done from Internet; you do most of your banking transactions through Internet with appropriate passwords; you use your credit card number with password to purchase goods from e-bay, Amazon and also book tickets for railroad, air travel etc. You use your Paypal account to send and receive money across countries.

If only someone could grab your bank account numbers, credit card numbers, Paypal login e-mail ID and all the related passwords, they too can sit at the comfort of their home and wipe your bank account dry, get goods purchased through your credit cards and transfer all the money you have kept in Paypal to their bank account!

Smart and intelligent criminals are already doing it and thousands of naïve people are losing their personal ID to these fraudsters and end up losing huge money even before they get any itching on what really happened.

One of the widely practiced techniques by the Internet criminals to hoodwink you to part with your sensitive personal Identity information is through “phishing” mails.

See an actual phishing e-mail that I received sometime back, which looks as though it has been sent by my bankers ICICI Bank, India.

The above mail contains the web address of my bankers as “icicibank.co.in”. Looks quite genuine, isn’t it? But, somehow the look of the e-mail is not too convincing and there is a likelihood that I get somewhat suspicious. As I read the message a second time, it strikes to me that my ICICI Bank’s web address is “icicibank.com” and not “icicibank.co.in”!

Okay; this phishing e-mail lacked some level of  “professionalism” and so, I felt suspicious and forwarded to my bankers seeking their advice. And they confirmed that it was indeed a phishing mail and adviced me never to respond to such messages. Now, see yet another e-mail that I received, some 8 months after the previous mail:

This e-mail definitely looks awesome and very convincing, isn’t it? It has the ICICI Bank’s logo perfectly etched, the looks and feel of the message is absolutely professional and it is extremely likely that anyone who has no knowledge about phishing mails will respond immediately by clicking the link provided in the e-mail. What will happen if you click the link given there?

It will take you to a fake site; needless to mention that the site in all likelihood will again display the bank’s logo prominently and ask you to input your name, address, phone number, ICICI Bank account number, your user ID and password for internet banking. If you do it, you are finished. Your entire account balance will bet wiped out very soon!

So what do you do? How will you know that the e-mail is not a genuine one?

The most important thing to know is no worthy and reputed banker or a credit card company or a web-based e-shop like e-bay will ever ask your personal identity information through e-mail.

If at all any account verification is ever needed by them, you will be asked to log into their web-site directly (like when you do your genuine bank transaction) and only after you enter into their secured site, any verification exercise will be initiated. It will never be through an e-mail link.

Next, be very vigilant about the web-address of your genuine site. In the above case, “icicibank.co.in” looks too deceptively genuine but it is not.

The best course of action you do is to forward the mail to customer care e-mail ID of your bank and verify. It will help in two ways. One, you will get an official response to confirm that it is indeed a phishing mail. Secondly, it will help the bankers to initiate legal action and try and locate the culprit who sends such messages.

So be warned. Never respond to any such mails in future. If in doubt, consult your banker or credit card company, in the guise of which the mail came.