Phishing is a comparatively newer conceptionin India. Of late there has been an upsurge in phishing cases in India wherethe public has fallen victim to such menacing activities. In India, the most frequentform of phishing is by email pretending to be from a bank, where the sinisterasks to confirm your personal information/login detail for some made up reasonlike bank is going to upgrade its server. Needless to say, the email contains alink to fake website that looks exactly like the genuine site. The credulouscustomers thinking that it is from the bank, enter the information asked forand send it into the hands of identity thieves.ICICI Phishing Case – Umashankar Vs ICICI BankMany regularsof ICICI Bank received an e-mail which asked for their user nameand password to their account.
The e-mail appeared so authentic and legitimatethat a few users clicked on the URL that led to a Web page very closelyresembling the official site. The scam was brought to light on an assistantmanager of ICICI Bank’s information security cell receiving thosee-mails forwarded by a customers looking for validity of the e-mails.It was a milestone verdict of theAdjudicator of Tamil Nadu, ordering a compensation of Rs 12.85 lakhs to thevictim. The provisions of InformationTechnology Act, 2000The phishing fraud is a cyber crimeand it catches the attention of many penal provisions of the InformationTechnology Act, 2000.
The 2008 amendment added provisions dealing with thephishing. The following Sections of the Information Technology Act, 2000 areapplicable to the Phishing Activity: 1. Section66: The victim’s account is compromisedby the sinister, this is practically impossible unless the sinister brings changesby deleting or altering the information in the bank server.
Ergo, it is enclosedand punishable u/s 66 IT Act.2. Section66A: The cloakedemail including the sham link of the bank swindles or misleads about the originof such email and ergo, it pulls the provision of Section 66A IT Act, 2000.
3. Section66C: In suchemails, the sinister camouflages as the bona fide banker to use the exclusiveidentifying attribute of the bank, for instance Logo, trademark etc. and thereby,attracting Section 66C IT Act, 2000.4. Section66D: By the phishing email havingthe link to the sham site of the bank, the sinister pretends to be the Bank inorder to defraud the gullible customers, therefore the offence under Section66D too is applicable.