It is known for some time that fraudsters use unrelated e-mails to drop trojans which may be used for phishing.
Here is an example of an e-mail which says “..Own Samsung Galaxy for Rs 1.72..”
The link appears to contain at least two trojans which are detected by Kasparesky pure 3.0
Similar tactics could be used with World Cup related information or budget related information etc.
Many Banks in their phishing defense inform customers that “Bank never sends an email requesting for passwords ..etc”. But such notices are not useful since fraudsters may use e-mails other than in the name of the Bank and still be able to drop trojans that steal the Bank passwords.
It is also known that the new generation of trojans are even able to defeat the two factor authentication. Hence Banks need to re think on their access mechanisms and make it robust in the light of the fact that customer liability is now limited to Rs 10000/-.