14 February 2011

About Phishing

‘Phishing’ is modus operandi by the hackers where the Internet banking customers get mails that deceptively claims to be from a genuine source (like your Bank). These mails look similar to that of the Bank’s website, Bank logo etc.
Phishing is a spoofed e-mail to convince the customers to provide the confidential information like Customer ID, User-ID, and Password,Card Number, CVV,PIN etc. on the pretext of updating the customer profile.
Alternatively, some times customers are asked to download and install ‘security’ software attached to the spam e-mail to gain the confidential information of the customers.
Customer receives a fraudulent e-mail seemingly from a legitimate Internet address.
Advises the customer to Click on the hyperlink which directs the customer to a fake web site that looks similar to the genuine Bank’s website.
Usually the email will either promise a reward on compliance or warn of an impending penalty on a non compliance.
Customer provides personal details in good faith. Clicks on 'submit' button, but web page displays an error message. It is an indication that it is a phishing attack.
Always logon to an authorised site by typing the proper URL in the address bar.
Give your user id and password only at the authenticated login page.
Please remember that the bank would never ask you to verify your account information through an e-mail.
If any e-mail received purported to be originated from SyndicateBank requesting its Internet Banking Customers to provide User-Id, Password and other personal information, Please report immediately to secalert@syndicatebank.co.in
Check your account statement periodically for the correctness of the transactions.
Ensure that your browser requirement is up-to-date for accessing Net banking.
Use the facility provided by the Bank only to register your Credit/Debit Card for e-commerce transactions.
Do not click on any link which has come through e-mail from an unknown source.  It may contain malicious code or could be an attempt to 'Phish'.
Do not provide any information on a page which might have come up as a pop-up window.
Do not   provide your user-id or password over the phone in response to an unsolicited request over e-mail.
Always remember that information like password, transaction password, ATM PIN, etc are strictly confidential and are not known even to employees/service personnel of the Bank. You should therefore, never divulge such information even if asked for.

No comments:

Post a Comment