Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
The Comodo Threat Research Labs (CTRL) team has identified a phishing attack that was targeted specifically at ICICI Bank and its customers, India’s largest private bank with more than 4,000 branches across the country.
As part of a targeted phishing campaign, fake emails were being sent disguised as official emails from the company, asking recipients to update their banking details and information and stating that the information needed was mandatory.
The fake emails were being sent from the sender address “ICICI Bank < ppradhan@jagsonpal.com >,” which, at first glance, would seem to be a legitimate email address – but looking closely, the domain name is clearly not related to the company at all. This should be warning sign no.1 for potential victims of this (and other) phishing campaigns.
Within the email itself (image 1 below), the cybercriminals were asking potential phishing victims to click on a mandatory hyperlink, where they were asked to fill in their personal and professional information related to their banking with ICICI.
When the potential phishing victim clicked the hyperlink, it took them to a landing page where they would select if they were updating their personal information or their corporate information (image 2).
Either one the potential victims click, would have taken them to a new landing page (image 3), where they were asked to confirm key pieces of financial information such as user ID, password, transaction password, debit card number, email ID and email password.
Potential phishing victims should be sure to look at the URL of any site that is asking them for this type of critical information. In this case, the information for ICICI was originally hosted on a site that is not at all affiliated with the company (http://www.gomiapp.com/app/). As of this blog post, this phishing site has now been taken down and logging on reveals “page not found” – but this site could easily appear again in another targeted phishing campaign at a different website with similar content.
In speaking with ICICI bank, they have issued the following information that they also wanted to share with the public:
“ICICI Bank has a robust and multi-level security system for all its banking channels including our internet banking to safeguard our customers from fraudulent attacks including phishing. The phishing page which was hosted on the third party website does not exist and hence, it does not pose any threat to our customers. In addition, we have a proactive monitoring process to detect such phishing page/site, which are immediately brought down. In order to expand the vigilance, we even request our customers to bring to our notice as and when they come across any such phishing site. ICICI Bank never asks personal, account or financial information from our customers via e-mail or by directing them to a link online. On an ongoing basis, the Bank advises its customers to not reveal their details to anyone. Readers and customers are requested to forward such e-mails to antiphishing@icicibank.com along with your contact details.”
Trying to represent the colors, logos and feel of official websites is an area cybercriminals are proficient in. The Comodo team identified the ICICI phishing email through IP, domain, URL analysis and image analysis and has notified the communication office of ICICI of its findings.
“Through our specific IP and URL analysis – as well as the Comodo Threat Research Labs’ continuous monitoring and scanning of data from the users of Comodo’s security systems, our team was able to identify this specific phishing email scam and alert the public to it,” said Fatih Orhan, director of Technology for Comodo and the Comodo Threat Research Labs. “As a company, we work diligently to create innovative technology solutions that stay a step ahead of the cybercriminals and keep enterprises and IT environments safe.”
The Comodo Threat Research Labs (CTRL) is made up of more than 40 IT web security software professionals, ethical hackers, computer scientists and engineers, all full-time Comodo employees, analyzing and filtering spam, phishing and malware from across the globe. With offices in the U.S., Turkey, Ukraine, the Philippines and India, the CASL team analyzes more than 1 million potential pieces of phishing, spam or other malicious/unwanted emails per day, using the insights and findings to secure and protect its current customer base and the at-large public, enterprise and Internet community.
If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact the security consultants at Comodo at
https://enterprise.comodo.com/contact-us.php.
(1) http://www.icicibank.com/aboutus/about-us.page
IMAGE 1: Initial phishing email
From: ICICI Bank <ppradhan@jagsonpal.com>
Subject: Please Update Your ICICI Bank Details
IMAGE 2: Selecting which account
IMAGE 3: Where the information is stolen by the cybercriminals
Related Resources:
Website Backup
Website StatusFree Desktop Management Tools
Tags: comodo,phishing email
Reading Time: 4 minutes There should be no doubt in anyone’s mind that the coronavirus pandemic will reshape our education systems. It has already altered how students around the world learn and share knowledge with their peers in just a matter of months. Those changes can give insight into how education will progress in the long run, for better…
Reading Time: 3 minutes [Pull quote: In my experience, our customers really appreciate our team’s attention to detail and ability to listen. Here at Comodo, we value professionalism–but we’re also available and friendly.– Stephen Corsale, SVP of Customer Success and Professional Services at Comodo] One thing that’s unique about the cybersecurity industry is that a vendor is successful when…
Reading Time: 3 minutes What Is Phishing? Phishing is a method employed by cybercriminals to access email accounts and systems using deception rather than defeating security protections. In basic phishing attacks, cybercriminals send an email that appears to be legal, tempting the victim to open an attachment or click on a link. This click could result in loading malware…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP