@Atul,
For CERT-In, it is not about the method but the process an organisation
follows.
pdf process might seems to you as KISS (keep it simple stupid) but follows the
government instructions where a national security agency (CERT-In) has to keep
records of the reporting person and subsequently the action taken on the
reported incidents.
As a fact, in India a normal user or even professionals are still not using
their digital identities (like digital certificates or keys). Then how the
authenticity of the reported person will be established? On which basis a
national security agency will take action?
I just co-relate with a business process of a bank. Why do you need to fill
Pay-in-slip form for any deposits u make for ur account? It's in same way....
However filling pdf form is not mandatory and CERT-In acts on reports received
on e-mail ([email protected]).
Regards,MADHUR VERMA
From: [email protected]
Date: Wed, 13 Jan 2010 16:51:45 +0530
To: [email protected]
CC: [email protected]
Subject: Re: [Owasp-delhi] Fwd: PNB phishing page.
@Parmendra.
Sounds good.
Still i hope we have someone here in the list who can explain me why a pdf and
why not a webform. KISS (keep it simple stupid) method always and everywhere
works better in my opinion.
On Wed, Jan 13, 2010 at 4:47 PM, Parmendra Sharma <[email protected]> wrote:
Hi Atul,
For any further incident report them at the given id it will definately work.
Fill the form once they ask you to do so but in such cases they will never ask
it is because such kind of incidents are their primary concerns. Form filling
is required to have the additional details regarding the incident reporting
party as well as the type of the reported incident but in this case the picture
is clear.
On Wed, Jan 13, 2010 at 4:40 PM, atul jha <[email protected]> wrote:
@Parmendra
I have mailed them.I have allready done that but i really dont have patince to
download I just hate there way/method who has got so much patience to download
the form and then fill it up?
I wonder why can`t they come up with nice web-form for registering the
incident.this is just overdo and we are doing it for a common cause.its more
like adding pain rather than submitting incidence.
On Wed, Jan 13, 2010 at 4:33 PM, Parmendra Sharma <[email protected]> wrote:
Dear All,
May please report any phishing incident related to any Indian bank to Indian
Computer Emergency Response Team (CERT-In) for the quick removal / deactivation
of the phishing website.
Together with this you may also report any incident related to Malware
Infection or something which seems to be a threat to Information Security.
This is because CERT-In coordinates with the ISPs and Other National CERTs and
Indian Constituencies for the quick eradication of the reported Incidents so
that the loss can be minimised.
Details required for the Incident Reporting are given below:
E-mail ID: [email protected]
Incident Response Help Desk phone: +91-11-24368572
Fax : +91-1800-11-6969
Incident Reporting form available at:
http://www.cert-in.org.in/incidentreporting.htm
Website: http://www.cert-in.org.in
On Wed, Jan 13, 2010 at 4:10 PM, Soi, Dhruv <[email protected]>
wrote:
Wow! Just to add further:
Watch for:
pnbindia.com
pnbindia.in
Can you see the difference? Dig and whois can be helpful and this link can add
more: http://safeweb.norton.com/report/show?url=pnbindia.com. Though, Infected
links seem to have removed.
I have got some good links in PNB, let me help them out with this.
Phish the Fish! ;-)
From: [email protected]
[mailto:[email protected]] On Behalf Of atul jha
Sent: 13 January 2010 10:22
To: [email protected]
Subject: [Owasp-delhi] Fwd: PNB phishing page.
Morning all,
Well moments ago saw this mail and its not marked as spam a crafted e-mail.
I tried my best to contact PNB guys but unfortunately there was no link for
phishing report on website of PNB.
I am sure more than 100 customers must have been fooled so far submitting there
credit card PIN.
I have attached screenshot alongwith.
---------- Forwarded message ----------
From: Punjab National Bank <[email protected]>
Date: 2010/1/13
Subject: Get your Refund Amount
To: [email protected]
You have get a Tax Refund on your Punjab National Bank MasterCard.
Complete the formular, and get your Refund Tax.
(Your Refund Amount Is 3200 rupees)
Complete Formular bellow :
http://lindsaysunley.eu/pnbindia/online.html
Copyright Š 2010 - Punjab National Bank. All rights reserved.
regards,
atul jha
--
www.atuljha.com
9953555890 <-- is my new number.
"Beer is proof that God loves us and wants us to be happy. " - Benjamin Franklin
_______________________________________________
Owasp-delhi mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-delhi
--
Thanks and Regards:
Parmendra Sharma
Computer Security Analyst
--
www.atuljha.com
9953555890 <-- is my new number.
"Beer is proof that God loves us and wants us to be happy. " - Benjamin Franklin
--
Thanks and Regards:
Parmendra Sharma
Computer Security Analyst
--
www.atuljha.com
9953555890 <-- is my new number.
"Beer is proof that God loves us and wants us to be happy. " - Benjamin Franklin
_________________________________________________________________
Windows 7: Simplify what you do everyday. Find the right PC for you.
http://windows.microsoft.com/shop_______________________________________________
Owasp-delhi mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-delhi
