Friday, April 24, 2009

I received an IDBI Bank phishing email

A couple of hours ago I received an email stating that my net-banking was suspended due to a password mismatch and that I had to re-activate my online account. I knew that it was a phishing email, but I wanted to know how they trick people into providing their banking information and parting with their hard-earned money.

When I clicked on the link, Firefox blocked access to the website as it had been reported for web forgery. I turned off the web forgery reporting and tried again, and the link took me to a page designed to look like the IDBI net-banking login page.

I opened the IDBI net-banking site in another tab to compare the two and found that the similarities (including the VeriSign logo) were good enough to fool people who don't have much knowledge of online threats. On the other hand, there were enough differences, like the missing virtual keyboard, some excise duty related information and a different VeriSign logo. The easiest difference to spot was the URL of the website. I suggest that people check the URL before clicking on any link. All secure URLs start with https, not http, and no bank will ask you for your net-banking credentials.

As soon as I entered some random numbers in the form and submitted it, surprisingly, it redirected to IDBI Bank's Regulatory Updates page.
