What Is Phishing?
‘Phishing is an act of sending a fraudulent email, or creating a forged screen or pop up, in an attempt ot capture a customer’s sensitive personal details like user id, password or PIN, date of birth, CVV number etc.
How Is Phishing Carried Out?
- Unsuspecting customers are sent emails which look very similar to the authentic emails sent by banks.
- In these emails, the customer is asked to click on a link which redirects him to a fake site resembling the authentic bank site
- On this fake site, customers are asked to share their personal details.
Through Pop Ups
- A pop up window appears on the screen while the customer is logged in to the bank website.
- These pop ups request the customer to re-enter his or her personal online identity details. Since this pop up appears during the online banking session, it can be easily mistaken to be an authentic request bank.
- Once the personal online information is submitted, the fraudster can then use it to make online transactions, posing to be the genuine customer.
Never reply to emails asking for your password or PIN
Safeguard Yourself Against Phishing!
- Never respond to any e-mail that requires you to confirm, upgrade, renew or validate your account details or card details, even if it appears to have come from your bank.
- Do not share your OTP, URN or 3D secure passcodes with anybody, even if the caller claims to be from your bank.
- Always remember to log off once you have completed an online session. Avoid financial transactions from a cybercafe or shared computer.
- Register for e-mail alerts or mobile alerts to get to know well in time about transactions or any changes in your account.
- Upgrade your home computer to a legitimate (non-pirated) operating system with a firewall, latest version of browser and anti virus/anti-spyware software.
Check your bank statements regularly. If you notice an unauthorized transaction in your bank account or card account, report it to your bank immediately.
How To Identify A Phishing E-Mail
- The e-mail might appear to have come from your bank or a known website.
- Some of the characters of the sender’s URL might be missing or closely resemble those of the genuine URL. The URL of the fake site will not match the url of the legitimate site.
- The e-mail may show urgency for action.
- The padlock icon may be missing.
- Any e-mail request for your personal and confidential details is almost certainly a phishing attempt
Content Source – Content Partner