Did you spot any difference? The duplicate site is a duplicate site because it is aPishing Site.
Pishing Sites are duplicate sites that are designed and developed to fool ignorant people. Online Banking is not a new thing but it is always a new thing for those who use it for the first time. Moreover, those who work in a hurry or have over confidence also fall prey to the Pishing Sites. Lastly, luck plays an important role in getting robbed or winning a lottery, which simply is beyond the scope of human beings. However, precautionary measures can be taken to avoid problems.
The Duplicate Site mentioned here is work of genius. It does not allow right click, it looks like the Original SBI site and it makes you feel that you are going in the right direction.
Have a look at the two snapshots and you will understand the difference between an original and duplicate site. An original site will always provide a security certificate, which is usually green in color. Secondly, when you try to login the URL changes fromhttptohttps, where 's' stands for secure. However, the duplicate site here is designed skillfully and you do not feel that it is duplicate or fraud. It can reach you likeOnline SBI orOnline SBI DematorPay Online SBI.
When you move ahead with this duplicate site, there are high chances that your Anti Virus or Mozilla [Browser] itself will detect the phishing site and warn you. If you dont have any anti virus or intelligent browser then things can take bad shape.
The green bar at the top(which you have shown as a prominent difference) is only visible in Firefox. The more fool-proof way of authenticating a website is looking for the 'padlock' symbol in the lower right corner of your browser. Before you enter your password anywhere (google, gmail,irctc,SBI,billdesk,paypal), make sure the padlock symbol appears without any exclamation mark. The padlock symbol indicates that the security certificate presented by the site is authentic and belongs to the openend site only. And as a spin off Facebook does not as yet use security certificates, hence its passwords can be intercepted by attackers. SO PLEASE DON'T GIVE THE SAME PASSWORD TO YOUR FACEBOOK AND MAIL ACCOUNTS.