Skip to main content

Did Bank of India send a fake SMS, or is its website under attack?

On the evening of February 14, after banking hours, I received a strange SMS from Bank of India (BOI)—where I maintain a very small, largely inactive account. I had opened it years ago simply because a branch was located near my home. However, finding their services quite poor, I rarely use it anymore.
The SMS, sent from "JM-BOIIND-S," warned that my account "would become dormant on 14-02-2027" and insisted, "Please do transaction in this account."
A warning for a year from now? Why would BOI send this today? I had little reason to doubt the sender's address, as I’ve received legitimate transaction alerts from it before. Still, it made no sense.
I assumed BOI—a nationalised bank often associated with careless handling—had simply mistyped the year. It should have been 2026. So, late in the evening, I decided to do a small transaction of just about ₹100 to prevent my account from going dormant.
I picked up my tablet and tried reaching BOI's online login site through Chrome. That’s when things got alarming.
Instead of the login page, I saw this warning: "Your connection is not private. Attackers might be trying to steal your information from uaibconnect.bankofindia.bank.in (for example, passwords, messages, or credit cards)..."
Undeterred, I tried to proceed. The next message was even more startling. It stated that the website "normally uses encryption to protect your information," but this time, it "sent back unusual and incorrect credentials." Why? Chrome explained: "This may happen when an attacker is trying to pretend to be uaibconnect.bankofindia.bank.in, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged."
It added that I could not visit the site "right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."
So, was the SMS fake? A cleverly disguised phishing attempt? Or is the bank's website genuinely compromised?
I honestly don't know. But Bank of India should issue a clarification—if, of course, it cares about its customers.
Update: Meanwhile, on February 15, I could open the website, but the transfer link didn't work!

Comments

TRENDING

DigiLocker's 'mismatch' problem: When technology defies government policy

  DigiLocker has been functioning in rather strange ways, at least in my experience over the past year. For quite some time now, I have been trying to retrieve various documents from the Government of India's official app, but every attempt ends with an inexplicable "mismatch" error. I even lodged a complaint through its official email ID, explaining that I was unable to retrieve or download essential documents such as my PAN card , driving licence, and the registration certificates of my car and scooter. The response has remained the same: the system refuses access on the grounds of a so-called mismatch.

Caste, class, and Patidar agitation: Veteran academic 'unearths' Gujarat’s social history

Recently, I was talking with a veteran Gujarat-based academic who is the author of several books, including "Social Movements in India: A Review of Literature", "Untouchability in Rural India", "Public Health and Urban Development: The Study of Surat Plague", and "Dalit Identity and Politics", apart from many erudite articles and papers in research and popular journals.

'Rethink' Kalpasar, 'end civil engineering mindset' in Gujarat's water strategy

Prof. Vidyut Joshi, a prominent sociologist and one of the leading protagonists of the mega Narmada dam project, has raised critical questions regarding the viability of Gujarat’s ambitious Kalpasar project. Writing in the Gujarati daily Sandesh under the headline "Let us consider alternatives scientifically for the Kalpasar project," Joshi argues that rather than remaining trapped in a "civil engineering mindset" focused solely on constructing massive dams, the state must pivot to modern, sustainable, and technologically viable alternatives to quench the thirst of the arid Saurashtra region.