Professional Documents
Culture Documents
A Case Study On The New Face Digital Bank Scams With Special Reference To The ICICI Bank Phishing Case
A Case Study On The New Face Digital Bank Scams With Special Reference To The ICICI Bank Phishing Case
Our modern society entrusts banks with their money. Bank is everywhere, people now dont
travel with cash, they just carry a bank issued shopping cards for day to day monetary
transactions. This new banking system has gained an impetus with the growth of e-commerce.
Such large number of cashless transactions have caught the attention of scammers and now these
scammers have found a loophole in the form of digital bank scams to gain access and embezzle
money from the bank accounts of common people. These Cyber Criminals affected the online
businesses and individuals all over the world. Internet Websites and services allows users to
easily pay bills, make reservation, hotel booking and even work. And these actions can be done
on any part of the world. There were no boundaries and limitation of standing in a queue to do
things. Just some thumb press in your smartphone and the work is done. This new era of
technology has made life so much easier. So is the case for cybercrime. Criminal Minds can
reach into our private lives, our homes and work offices by the help of growing technology, thus
cause harm to the individuals and there is little we can do about it. Some of the most common
ways of one becoming vulnerable to these phishing scams is when one shop online, checks mail
or access social media networks.
Phishing is the new internet age crime, born out of technological advances in internet age. It is
characterized by fraudulently acquiring sensitive information such as passwords, usernames,
login IDs, PAN card number, and credit and debit card details by disguising as a reliable person
in an official electronic communication such as URL links or email or an instant message. A
recent spurt in phishing attacks has been acknowledged particularly in India. Unawareness in
public, unawareness of policy and Technological Sophistication are the major factors which led
to phishing scams in India.
Phishing attempts had been carried out against ICICI Bank, UTI Bank, HDFC Bank, etc. which
were operated with the same modus operandi. It was reported that a large number of customers
of these banks had received emails, which have falsely been misrepresented to have been
originated from their bank. The recipients of the mails were told to update their bank account
information on some pretext. These emails included a hyperlink with-in the email itself and a
click to that link took recipients to a web page, which was identical to their banks web page.
Some of the unsuspecting recipients responded to these mails and gave their login information
and passwords. Later on, through internet banking and by using the information so collected a
large number of illegal/fraudulent transactions took place.1
Phishing fraud is an online fraud in which fraudsters disguises an individual and traces their
personal data and other valuable information. Thus, essentially it is a cybercrime and Information
Technology Act 2000, as amended in 2008 has attracted many legal provisions to deal with the
phishing activity.
Section 66: The account of the victim is compromised by the phisher which is not possible
unless & until the fraudster fraudulently effects some changes by way of deletion or alteration of
information/data electronically in the account of the victim residing in the bank server. Thus, this
act is squarely covered and punishable u/s 66 IT Act.
Section 66A: The disguised email containing the fake link of the bank or organization is used to
deceive or to mislead the recipient about the origin of such email and thus, it clearly attracts the
provisions of Section 66A IT Act, 2000.
Section 66C: In the phishing email, the fraudster disguises himself as the real banker and uses
the unique identifying feature of the bank or organization say Logo, trademark etc. and thus,
clearly attracts the provision of Section 66C IT Act, 2000.
Section 66D: The fraudsters through the use of the phishing email containing the link to the fake
website of the bank or organizations personates the Bank or financial institutions to cheat upon
the innocent persons, thus the offence under Section 66D too is attracted.2
1 http://www.merinews.com/article/phishing-scams-in-india-and-legal-provisionspart-2/15846107.shtml
2 http://www.tifrh.res.in/tcis/events/facilities/IT_act_2008.pdf