Phishing Attacks and how to avoid them
Phishing is a form of
cyber attack in which scammers/attackers make Internet users divulge with
sensitive information about their bank accounts and personal details. E-mail can be used to obtain sensitive
information from unsuspecting users. The
information may be passwords for websites, credit card information, and online
financial information such as bank account numbers. The attackers are able to target Internet
users due to some inherent weakness in web browsers and other technical aspects
of the Internet. All the internet users
are requested to adopt/practice the following guidelines to avoid such attacks,
as prevention is always better than cure.
- Be suspicious of any email with urgent requests
for personal financial information and do not react to such suspicious
- The credentials of the sender should be
verified before making any transaction on the received e-mail message.
Please contact the Bank to verify the genuineness of the e-mail.
- Don't use the links/hyper links in an email to
get to any web page, if you suspect the message might not be authentic
- Avoid filling out forms in suspicious email
messages that ask for personal financial information. Personal information
like passwords, PIN, credit/debit card numbers not to be provided to any
entity in response to e-mail request.
- Always ensure that you're using a secure
website when submitting credit card or other sensitive information via
your Web browser
- To make sure you're on a secure Web server,
check the beginning of the Web address in your browsers address bar - it
should be "https://" rather than just "http://"
- Whenever a user connects to a secure website
(https), the web browser alerts the user.
In normal practice users ignore this warning message and do not
verify the server certificates while making online transaction with the
financial institution. The users
should verify credentials of such web-sites before making any financial
- Please look for the correct URL address of
the Bank and also the SSL lock symbol at the bottom of the browser. By double clicking at the lock symbol,
you can view the certificate that verifies this web site’s identity. This
is to ensure that the lock symbol is not a hard coded image and it
represents the genuine site.
- Regularly check your bank, credit and debit
card statements to ensure that all transactions are legitimate
- Ensure that your browser is up to date and
security patches applied and use latest versions of browsers to connect to
Internet as they could provide higher levels of security.
- If you happen to receive any such suspicious
e-mails, please report the same immediately to this e-mail id: email@example.com
General Security Advices
user name and password are highly confidential.
Do not part with them. Indian
Bank will never ask for this information other than the log on page.
the Operating System (OS) of the computer system promptly as newer/upgraded versions
would help make your system more secure.
Antivirus software on your computer systems and update them continuously as
this will reduce the risk of virus attacks
of personal firewall would provide added level of security
potential risk caused through pop up windows may be eliminated by removing
spyware or adware installed on your system by using spyware/adware removing
from unknown/unfamiliar sources may contain programs or viruses that may
compromise your system security.
your internet connection when not in use.
This would avoid unnecessary access to the information on your systems
and help protect yourself even if you have a personal firewall installed in
logout completely after using the online application, i.e., by clicking the
logout button and closing the browser windows.
screen saver password would provide additional protection.