India’s largest private sector bank, ICICI Bank, is now in for a rude shock after a battery of e-mails that said that the bank’s website was a victim of phishing, by which fraudsters steal passwords, user-names and other personal data of customers by setting up fake look-alike websites of companies.

An e-mail received by FE showed that the website URL (universal resource locator) ‘https://www.icicibank.com’ instead of the original . If tried, the e-mail said, the address throws up a URL (universal resource locator) that duplicates the original site only if the phisher was online. When FE tried the same, it said, “While trying to retrieve the URL,www.icicibank.com:443, the following error was encountered: ‘Connection failed’.

ICICI Bank’s official spokesperson denied that there was any phishing on the website, but said that attacks were a common feature on most sites. “Our site hasn’t been phished or hacked,” he added. Interestingly, the bank has started a full-fledged education service to its customers by e-mailing them safety practices before parting with vital pieces of information like passwords and user names.

Pravir Vohra, group chief technology officer at ICICI Bank, was not available for comment. In an earlier e-mail reply to FE a few days ago, he had informed that the bank was proactively combating phishing attacks. According to Amuleek Bijral, country manager at US-based RSA, the security division of EMC, ?Phishing attacks pop up every three or four days. It’s time that banks go for anti-phishing services to combat such attacks.?